Port-based authentication overview, Dot1x overview – Dell PowerEdge VRTX User Manual

Page 229

229

FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Plasma\User

Guide\Plasma_UGSwitching_NetworkSecurity.fm

D E L L CO N F I D E N T I A L – P R E L I MI N A RY 4/ 1 8 /1 3 - F O R PR O O F O N LY

Port-Based Authentication Overview

Port-based authentication enables authenticating system users on a per-port

basis via an external server. Only authenticated and approved system users

can transmit and receive data. Ports are authenticated via the RADIUS server

using the Extensible Authentication Protocol (EAP). Port Authentication

includes:

• Authenticators — Specifies the device port that is authenticated before

permitting system access.

•

Supplicants — Specifies the host connected to the authenticated port hat

is requesting to access the system services.

•

Authentication Server — Specifies the external server, for example, a

RADIUS server, which performs authentication on behalf of the

authenticator, and indicates whether the supplicant is authorized to access

system services.

Port-based authentication creates two access states:

• Controlled Access — Permits communication between the supplicant and

the system, if the supplicant is authorized.

•

Uncontrolled Access — Permits uncontrolled communication, regardless

of the port authorization state.

The device supports Port Based Authentication via RADIUS servers.

Dot1x Overview

Dot1x is an IEEE standard for port-based network access control. The Dot1x

framework enables a device (the supplicant) to request port access from a

remote device (authenticator) to which it is connected. The supplicant is

permitted to send data to the port only after it is authenticated and