Enterasys 5g102-06-g Betriebsanweisung
![Enterasys](https://files.manualsbrain.com/attachments/0d61cd0d9a60e36f1a6c1364af6a0a9788bcf75b/common/fit/150/50/0c43aa9c6913c8f0c68912f62e6506afc95280a8d9a1fc71e52e7f54646e/brand_logo.jpeg)
802.1X Port Based Network Access Control
9-2
Security Menu Screens
9.1.1
Definitions of Terms and Abbreviations
9.1.2
Overview
The Enterasys Networks Matrix E5 modules support the following 802.1X and EAP security and
authentication features to:
authentication features to:
•
Authenticate hosts that are connected to dedicated switch ports.
•
Authenticate based on single-user hosts. (If a host is a time-shared Unix or VMS system,
successful authentication by any user will allow all users access to the network.)
successful authentication by any user will allow all users access to the network.)
•
Allow users to authenticate themselves by logging in with user names and passwords, token
cards, or other high-level identification. Thus, a system manager does not need to spend hours
setting low-level MAC address filters on every edge switch to simulate user-level access
controls.
cards, or other high-level identification. Thus, a system manager does not need to spend hours
setting low-level MAC address filters on every edge switch to simulate user-level access
controls.
Table 9-1
Authentication Terms and Abbreviations
Term
Definition
EAP
Extensible Authentication Protocol (e.g., Microsoft IAS
Server and Funk Steel Belted Radius).
Server and Funk Steel Belted Radius).
PAE
Port Access Entity, device firmware that implements or
participates in the protocol.
participates in the protocol.
RADIUS
Remote Authentication Dial-In User Service.
Authenticator
The entity that sits between a supplicant and the
authentication server. The authenticator’s job is to pass
authenticating information between the supplicant and
authentication server until an authentication decision is
made.
authentication server. The authenticator’s job is to pass
authenticating information between the supplicant and
authentication server until an authentication decision is
made.
Authentication Server
Provides authentication service to an authenticator. This
service determines, by the credentials the supplicant
provides, whether a supplicant is authorized to access
services provided by the authenticator. The authentication
server can be co-located with an authenticator or can be
accessed remotely.
service determines, by the credentials the supplicant
provides, whether a supplicant is authorized to access
services provided by the authenticator. The authentication
server can be co-located with an authenticator or can be
accessed remotely.
Supplicant
The entity (user machine) that is trying to be authenticated
by an authenticator attached to the other end of that link.
by an authenticator attached to the other end of that link.