Dell X1000 Series User Manual page 246
Hide thumbs
Also See for X1000 Series:
- Getting started manual (43 pages) ,
- Getting started manual (83 pages) ,
- Getting started manual (62 pages)
Table of Contents
Advertisement
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\Dell Astute\User
Authenticators — Specifies the device port that is authenticated before
•
permitting system access.
•
Supplicants — Specifies the host connected to the authenticated port hat
is requesting to access the system services.
•
Authentication Server — Specifies the external server, for example, a
RADIUS server, which performs authentication on behalf of the
authenticator, and indicates whether the supplicant is authorized to access
system services.
Port-based authentication creates two access states:
•
Controlled Access — Permits communication between the supplicant and
the system, if the supplicant is authorized.
•
Uncontrolled Access — Permits uncontrolled communication, regardless
of the port authorization state.
The device supports Port Based Authentication via RADIUS servers.
Dot1x Overview
Dot1x is an IEEE standard for port-based network access control. The Dot1x
framework enables a device (the supplicant) to request port access from a
remote device (authenticator) to which it is connected. The supplicant is
permitted to send data to the port only after it is authenticated and
authorized. If it is not authenticated and authorized, the authenticator
discards the supplicant data, unless the data is sent to a Guest VLAN and/or
non-authenticated VLANs.
Authentication of the supplicant is performed by an external RADIUS server
through the authenticator. The authenticator monitors the results of the
authentication.
In the Dot1x standard, a device can be a supplicant and an authenticator at a
port, simultaneously requesting and granting port access. However, this
device can only act as an authenticator, and does not take on the role of a
supplicant.
The following varieties of Dot1x exist:
•
Single session Dot1x:
Single-session/Single Host — In this mode, the switch, as an
–
authenticator, supports a single Dot1x session, and grants permission
to use the port to an authorized supplicant. All other access requests,
D E L L C O N F I D E N T I A L – P R E L I M I N A R Y 8 / 9 / 1 6 - F O R P R O O F O N L Y
246
Network Administration: Security
Guide\Dell_Astute_Network_Admin_Security.fm
- Quick Links:
- Using the Gui
Hide quick links:
Advertisement
Table of Contents
