HP ProCurve 9304M Security Manual page 88

Security Guide for ProCurve 9300/9400 Series Routing Switches
The Client (known as a Supplicant in the 802.1X standard) provides username/password information to the
Authenticator. The Authenticator sends this information to the Authentication Server. Based on the Client's
information, the Authentication Server determines whether the Client can use services provided by the
Authenticator. The Authentication Server passes this information to the Authenticator, which then provides
services to the Client, based on the authentication result.
Figure 4.1 illustrates these roles.
Figure 4.1: Authenticator, Client/Supplicant, and Authentication Server in an 802.1X configuration
[Diagram: RADIUS Server (Authentication Server), HP Device (Authenticator), Client/Supplicant]
Authenticator – The device that controls access to the network. In an 802.1X configuration, the HP device
serves as the Authenticator. The Authenticator passes messages between the Client and the Authentication
Server. Based on the identity information supplied by the Client, and the authentication information supplied by
the Authentication Server, the Authenticator either grants or does not grant network access to the Client.
Client/Supplicant – The device that seeks to gain access to the network. Clients must be running software that
supports the 802.1X standard (for example, the Windows XP operating system). Clients can either be directly
connected to a port on the Authenticator, or can be connected by way of a hub.
Authentication Server – The device that validates the Client and specifies whether or not the Client may access
services on the device. HP supports Authentication Servers running RADIUS.
Communication Between the Devices
For communication between the devices, 802.1X port security uses the Extensible Authentication Protocol
(EAP), defined in RFC 2284. The 802.1X standard specifies a method for encapsulating EAP messages so that
they can be carried over a LAN. This encapsulated form of EAP is known as EAP over LAN (EAPOL). The
standard also specifies a means of transferring the EAPOL information between the Client/Supplicant,
Authenticator, and Authentication Server.
June 2005
