The IEEE authentication standard 802.1X supports improved security over wireless local area networks (WLANs). 802.1x enhances security measures through a process of user and system authentications. The standard is based on the EAP encapsulation over LAN (EAPOL) protocol. EAP expands on PPP or Point-to-Point Protocol. PPP is commonly used to connect a computer to the Internet. The algorithms associated with 802.1X include EAP-TLS, EAP-TTLS, and Protected EAP (PEAP). The 802.1X authentication process can reduce potential issues related to Wired Equivalent Privacy (WEP) protocol. 802.1X can offer security for either wired or wireless LANs.
The 802.1X Authentication Process
The process of 802.1x authenticationinvolves an access point (authenticator), client software (supplicant) and RADIUS (authentication server). When the supplicant sends a request for access to the authenticator, this access point will request the supplicant’s identity. The supplicant sends this identity to the authenticator, and this information is forwarded to the EAP-compliant RADIUS server. Once the authentication server accepts the identity of the supplicant, the access point opens the client port, granting network access.
802.1X Increases WLAN Security
The 802.1X standard ensures user authentications before data traffic is transmitted, a significant benefit in a WLAN. Through authentication, 802.1X increases WLAN security. The authentication framework improves network security by preventing intrusion and providing tools to enhance encryption. The RADIUS server can verify users through passwords or certificates. WLAN authentication security improves access control as users are identified and classified prior to gaining network access. Systems can also be authenticated, such as through a MAC address.