Xerox ColorQube 8870 管理员指南
Security Features
ColorQube 8570/8870 Color Printer
System Administrator Guide
System Administrator Guide
74
Configuring 802.1X
Introduction to 802.1X and EAP
The 802.1X IEEE standard defines port-based, authenticated network access control for Ethernet local
area networks (LANs). In an 802.1X enabled network, the printer accesses the network by successfully
authenticating with credentials, such as a name and password. 802.1X uses the Extensible
Authentication Protocol (EAP) to relay port access requests between supplicants, authenticators, and
authentication servers.
area networks (LANs). In an 802.1X enabled network, the printer accesses the network by successfully
authenticating with credentials, such as a name and password. 802.1X uses the Extensible
Authentication Protocol (EAP) to relay port access requests between supplicants, authenticators, and
authentication servers.
EAP is the standard authentication mechanism carried over 802.1X. The EAP method is an inner
authentication protocol that provides the secure mechanism for the authentication exchange. Multiple
EAP methods can be used. EAP methods are defined in International Engineering Task Force (IETF)
Requests for Comments (RFC) documents, RFC drafts, or they can be proprietary. EAP methods have a
significant influence on how your network is designed and implemented, because not all supplicants,
not all access points, and not all RADIUS servers support all EAP methods. A careful evaluation of
standards can help with selecting appropriate LAN components that avoid vendor lock-in or dead-end
technology.
authentication protocol that provides the secure mechanism for the authentication exchange. Multiple
EAP methods can be used. EAP methods are defined in International Engineering Task Force (IETF)
Requests for Comments (RFC) documents, RFC drafts, or they can be proprietary. EAP methods have a
significant influence on how your network is designed and implemented, because not all supplicants,
not all access points, and not all RADIUS servers support all EAP methods. A careful evaluation of
standards can help with selecting appropriate LAN components that avoid vendor lock-in or dead-end
technology.
802.1X Configuration in CentreWare IS
Use the 802.1X configuration pages in CentreWare IS to perform the following tasks. Required
information varies depending on the EAP methods that you select.
information varies depending on the EAP methods that you select.
Note:
You can restrict access to the 802.1X configuration pages by using the passwords and
feature authorization settings on the Administrative Security Settings page. For details, see
1.
Launch a Web browser from your computer.
2.
3.
Click Properties.
4.
On the left navigation pane, expand the Security folder and select 802.1X.
5.
If you are a more experienced user, click the Advanced button; otherwise, click the Configuration
Wizard button. the wizard guides you through the setup.
For more information, click the Help button in CentreWare IS to view the
Wizard button. the wizard guides you through the setup.
For more information, click the Help button in CentreWare IS to view the
CentreWare IS Online
Help.
6.
Select EAP authentication methods – Select one or more authentication methods:
•
•
MD5 Challenge
•
TLS
•
PEAP-MS-CHAPv2 (PEAP)
If you select TLS or PEAP, you can use a root certificate to validate the authenticating server’s
certificate.
If you select TLS , install a signed device certificate that the authenticating server trusts, or install
a self-signed certificate to the authenticating server’s trusted certificate store.
certificate.
If you select TLS , install a signed device certificate that the authenticating server trusts, or install
a self-signed certificate to the authenticating server’s trusted certificate store.
7.
Install root certificate – If you select EAP methods that require a root certificate, you can: