ZyXEL Communications B-1000 User Manual
ZyAIR Access Point Series User’s Guide
F-2
Types of EAP Authentication
hiding client identity. However, PEAP only supports EAP methods, such as EAP-MD5 and EAP-
MSCHAPv2, for client authentication.
MSCHAPv2, for client authentication.
For added security, certificate-based authentications (EAP-TLS, EAP-TTLS and PEAP) use dynamic keys
for data encryption. They are often deployed in corporate environments, but for public deployment, simple
user name and password pair is more practical. The following table is a comparison of the features of four
authentication types.
for data encryption. They are often deployed in corporate environments, but for public deployment, simple
user name and password pair is more practical. The following table is a comparison of the features of four
authentication types.
Comparison of EAP Authentication Types
EAP-MD5
EAP-TLS
EAP-TTLS
PEAP
Mutual
Authentication
Authentication
No Yes Yes Yes
Certificate – Client
No Yes
Optional
Optional
Certificate – Server
No Yes Yes Yes
Dynamic Key
Exchange
Exchange
No Yes Yes Yes
Credential Security
None Strong Strong Strong
Deployment
Difficulty
Difficulty
Easy Hard
Moderate
Moderate
Wireless Security
Poor Best Good Good
Client Identity
Protection
Protection
No No Yes Yes