This blog was originally started to better help me understand the technologies in the CCIE R&S blueprint; after completing the R&S track I have decided to transition the blog into a technology blog.

CCIE #29033

This blog will continue to include questions, troubleshooting scenarios, and references to existing and new technologies but will grow to include a variety of different platforms and technologies. Currently I have created over 185 questions/answers in regards to the CCIE R&S track!! Note: answers are in the comment field or within "Read More" section.

You can also follow me on twitter @FE80CC1E


Saturday, February 11, 2012

802.1x Roles


Role of the 802.1x Client Software

  • Supplicant is responsible for initiating on authenication sessions with the authenticator
  • Supplicant software can be included in the operating system or you can install a third party supplicant

Role of 802.1x Authenticator

  • The authenticator is refered to as the NAD (Network Access Device) such as a switch, WLAN controller, firewall, etc..
  • The supplicant is challenged by the authenicator, the supplicant enters credentials and the NAD passes credentitals to the authentication server. The authenticator also enforces policies on each 802.1x port.

Role of the 802.1x Authentication Server

  • Performs Authentication, Authorization and Accounting
  • Validates the authentication credentials of the supplicants that are forwarded by the NAD
  • Policy look-up based on the supplicant idenitiy and group affiliation and passes the policy to the NAD. This can be the for of DACL (Downloadable ACL) or VLAN assignment
  • An authentication server for Cisco can include Cisco ISE or Cisco ACS

Role of the Dirctory Server in 802.1x

  • Cisco ISE supports 
    • local user database (does not scale)
    • Supports Active Directory
    • LDAP
    • RSA Tokens
    • RSA Secure ID
    • Certificate

0 comments:

Post a Comment