beautypg.com

Eap security & server certificates, Overview – AMX Modero NXD-700Vi User Manual

Page 139

background image

EAP Security & Server Certificates

117

7" Modero Widescreen Touch Panels

EAP Security & Server Certificates

Overview

The following EAP types all support a server certificate:

EAP-PEAP

EAP-TTLS

EAP-TLS

All three of these certificate-using security methods are documented in the following sections. EAP
Authentication goes a step beyond just encrypting data transfers, but also requires that a set of
credentials be validated before the client (panel) is allowed to connect to the rest of the network
(FIG. 88). Below is a description of this process. It is important to note that there is no user intervention
necessary during this process. It proceeds automatically based on the configuration parameters entered
into the panel.

A server certificate file uses a certificate that is installed in a panel so that the RADIUS server can be
validated before the panel tries to connect to it. The field name associated with this file is Certificate
Authority
.

If a server certificate is used, it should first be downloaded into the panel and the Certificate Authority
field should then be set to the name of that certificate file. No file path should be used for this setting as
all certificates are stored in a specific directory that the user cannot control or change. The most secure
connection method uses a server certificate.

If no server certificate will be used then, this field should be left blank. If the field contains a file name,
then a valid certificate file with the same file name must be previously installed on the panel. Otherwise
the authentication process will fail.

FIG. 88

EAP security method in process

LAN

Client - Panel

(supplicant)

802.1x

(EAP over Wireless)

Authenticator

(Wireless Access Point)

Authentication Server

(RADIUS Server)