beautypg.com

Configuring kerberos authentication, Configuring kerberos, Authentication – Brocade Mobility 5181 Access Point Product Reference Guide (Supporting software release 4.4.0.0) User Manual

Page 150

background image

136

Brocade Mobility 5181 Access Point Product Reference Guide

53-1002516-01

Configuring Kerberos authentication

6

Configuring Kerberos authentication

Kerberos (designed and developed by MIT) provides strong authentication for client/server
applications using secret-key cryptography. Using Kerberos, a client must prove its identity to a
server (and vice versa) across an insecure network connection.

Once a client and server use Kerberos to prove their identity, they can encrypt all communications
to assure privacy and data integrity. Kerberos can only be used on the access point with Brocade
802.11b clients.

CAUTION

Kerberos makes no provisions for host security. Kerberos assumes that it is running on a trusted
host with an untrusted network. If host security is compromised, Kerberos is compromised as
well.

Kerberos uses the Network Time Protocol (NTP) for synchronizing the clocks of its Key Distribution
Center (KDC) server(s). Use the NTP Servers screen to specify the IP addresses and ports of
available NTP servers. Kerberos requires the Enable NTP on checkbox be selected for
authentication to function properly. See

“Configuring Network Time Protocol (NTP)”

on page 76 to

configure the NTP server.

NOTE

If 802.11a is selected as the radio used for a specific WLAN, the WLAN cannot use a Kerberos
supported security policy, as no Brocade 802.11a clients can support Kerberos.

To configure Kerberos on the Mobility 5181 Access Point:

1. Select Network Configuration -> Wireless -> Security from the Mobility 5181 Access Point

menu tree.

If security policies supporting Kerberos exist, they appear within the Security Configuration
screen. These existing policies can be used as is, or their properties edited by clicking the Edit
button. To configure a new security policy supporting Kerberos, continue to step 2.

2. Click the Create button to configure a new policy supporting Kerberos.

The New Security Policy screen displays with no authentication or encryption options selected.

3. Select the Kerberos radio button.

The Kerberos Configuration field displays within the New Security Policy screen.

4. Ensure the Name of the security policy entered suits the intended configuration or function of

the policy.

5. Set the Kerberos Configuration field as required to define the parameters of the Kerberos

authentication server and Mobility 5181 Access Point.

See also other documents in the category Brocade Computer Accessories: