Authentication is a means of verifying information transmitted from a secure source. If information is
authentic, you know who created it and you know it has not been altered in any way since originated.
Authentication entails a network administrator employing a software “supplicant” on their computer
or wireless device.

Authentication is critical for the security of any wireless LAN device. Traditional authentication
methods are not suitable for use in wireless networks where an unauthorized user can monitor
network traffic and intercept passwords. The use of strong authentication methods that do not
disclose passwords is necessary. The access point uses the Kerberos authentication service protocol
(specified in RFC 1510) to authenticate users/clients in a wireless network environment and to
securely distribute the encryption keys used for both encrypting and decrypting.

A basic understanding of RFC 1510 Kerberos Network Authentication Service (V5) is helpful in
understanding how Kerberos functions. By default, WLAN devices operate in an open system network
where any wireless device can associate with an AP without authorization. Kerberos requires device
authentication before access to the wired network is permitted.

For detailed information on Kerbeors configurations, see

Configuring Kerberos Authentication on

page 6-8