Page 205 - StudyBook.pdf
Communication Security: Wireless • Chapter 4 189
■ The latest and greatest security technology can be installed and should still
work with the existing infrastructure.
■ You can respond quickly to security issues as they arise.
EXAM WARNING
802.1x typically is covered in the access control, authentication, and
auditing sections of the Security+ exam, but it is relevant to wireless
networks because it is quickly becoming the standard method of securely
authenticating on a wireless network. Also, do not confuse 802.1x with
802.11x.
When a client device connects to a port on an 802.1x-capable AP, the AP port
determines the authenticity of the device. Before discussing the workings of the
802.1x standard, the following terminology must be defined:
■ Port: A single point of connection to a network.
■ Port Access Entity (PAE): Controls the algorithms and protocols that
are associated with the authentication mechanisms for a port.
■ Authenticator PAE: Enforces authentication before allowing access to
resources located off of that port.
■ Supplicant PAE: Tries to access the services that are allowed by the
authenticator.
■ Authentication Server: Used to verify the supplicant PAE. It decides
whether or not the supplicant is authorized to access the authenticator.
■ Extensible Authentication Protocol Over LAN (EAPoL): 802.1x
defines a standard for encapsulating EAP messages so that they can be
handled directly by a LAN MAC service. 802.1x tries to make
authentication more encompassing, rather than enforcing specific mechanisms
on the devices. Because of this, 802.1x uses Extensible Authentication
Protocol (EAP) to receive authentication information.
■ Extensible Authentication Protocol Over Wireless (EAPoW): When
EAPoL messages are encapsulated over 802.11 wireless frames, they are
known as EAPoW.
www.syngress.com