Wpa-enterprise, wpa2-enterprise – Samsung CLX-8640ND-XAA User Manual
Page 11
Wireless Network Install Guide_
10
3. WPA-Enterprise, WPA2-Enterprise
WPA(WPA2)-Enterprise is an authentication method to use IEEE802.1x standard based on
an additional EAP(Extensible Authentication Protocol). WPA(WAP2)-Enterprise authorizes
and identifies users based on an authentication server called RADIUS(Remote
Authentication Dial In User Server).
•
WPA(WPA2)-Enterprise configuration is supported through a network cable. You
can set up a wireless printer security using the SyncThru™ Web Service program.
•
Supporting specifications about WPA-Enterprise can differ according to the
models.
•
EAP-TLS (EAP using Transport Layer Security) :
EAP-TLS (EAP using Transport Layer Security) : EAP-Transport Layer Security or
EAP-TLS, defined in RFC 5216, is an IETF open standard, and is well-supported among
wireless vendors. It uses PKI(Public Key Infrastructure) to secure authentication
between an authentication server and client. EAP-TLS uses X.509-compliant digital
certificates for both client and network sever authentication. So you have to install root
certificate and client certificate on the Samsung Network Printer.
•
EAP-TTLS (EAP using Tunneled Transport Layer Security):
EAP-TTLS (EAP using Tunneled Transport Layer Security) : EAP-TTLS is an EAP
protocol that extends TLS. EAP-TLS is widely supported, however no native OS
supports EAP-TTLS in Microsoft Windows. EAP-TTLS uses X.509-compliant digital
certificate for network server authentication. This also requires 802.1x user name, user
password and TTLS identity used by inner authentication protocol for client
authentication over a secure connection.
•
PEAP (Protected Extensible Authentication Protocol) :
PEAP (Protected Extensible Authentication Protocol) : PEAP is similar in design to
EAP-TTLS. PEAP is widely supported and provides very good security. Samsung
Network Printer supports PEAPv0/EAP-MSCHAPv2. PEAP also uses X.509-compliant
digital certificate for network server authentication and requires 802.1x user name, user
password used by inner authentication protocol for client authentication over a secure
connection.
Certificates are used to validate the identity of clients and network servers and allow
encrypted data communications for EAP/802.1x authentication. Certificates may be issued
and signed by a trusted third party, called Certificate Authority, or CA.
In EAP/802.1x authentications such as EAP-TLS, EAP-TTLS, and PEAP, Samsung print
server may require to configure one or both of the following certificates:
•
Root Certificate : A certificate from a trusted Certificate Authority (CA) is used to
validate the identity of a network authentication server while EAP authentication
methods such as EAP-TLS, EAP-TTLS, PEAP, are performed. The network
authentication server's identity will be validated when information of root certificate
installed on Samsung print server is identical to the information on a certificate received
from the network authentication server, such as RADIUS server. Root certificate that can
be installed on Samsung Network Printer must be the form of Base64 Encoded X.509
with .cer extension and be less than 3072 bytes.
•
Client Certificate : Client Certificate is used to the identity validation of Samsung
Network Printer from the network authentication server, such as RADIUS server, while
EAP-TLS authentication method is performed. Client certificate that can be installed on
Samsung Network Printer must be the form of PKCS #12 / Personal Information
Exchange with .pfx extension and be less than 3072 bytes.
Wireless-UG.book Page 21 Friday, August 13, 2010 10:32 AM