1. Manuals
  2. Brands
  3. Nortel Manuals
  4. Software
  5. Alteon OS 42C4911
  6. Application manual

Extensible Authentication Protocol Over Lan - Nortel Alteon OS 42C4911 Application Manual

Nortel 10gb ethernet switch module for ibm bladecenter version 1.0
Hide thumbs
Table of Contents

Advertisement

Alteon OS Application Guide

Extensible Authentication Protocol over LAN

Alteon OS can provide user-level security for its ports using the IEEE 802.1x protocol, which
is a more secure alternative to other methods of port-based network access control. Any device
attached to an 802.1x-enabled port that fails authentication is prevented access to the network
and denied services offered through that port.
The 802.1x standard describes port-based network access control using Extensible Authentica-
tion Protocol over LAN (EAPoL). EAPoL provides a means of authenticating and authorizing
devices attached to a LAN port that has point-to-point connection characteristics and of pre-
venting access to that port in cases of authentication and authorization failures.
EAPoL is a client-server protocol that has the following components:
Supplicant or Client
The Supplicant is a device that requests network access and provides the required creden-
tials (user name and password) to the Authenticator and the Authenticator Server.
Authenticator
The Authenticator enforces authentication and controls access to the network. The
Authenticator grants network access based on the information provided by the Supplicant
and the response from the Authentication Server. The Authenticator acts as an intermedi-
ary between the Supplicant and the Authentication Server: requesting identity information
from the client, forwarding that information to the Authentication Server for validation,
relaying the server's responses to the client, and authorizing network access based on the
results of the authentication exchange. The GbESM acts as an Authenticator.
Authentication Server,
The Authentication Server validates the credentials provided by the Supplicant to deter-
mine if the Authenticator should grant access to the network. The Authentication Server
may be co-located with the Authenticator. The GbESM relies on external RADIUS servers
for authentication.
Upon a successful authentication of the client by the server, the 802.1x-controlled port transi-
tions from unauthorized to authorized state, and the client is allowed full access to services
through the port. When the client sends an EAP-Logoff message to the authenticator, the port
will transition from authorized to unauthorized state.
68
Chapter 2: Port-based Network Access Control
42C4911, January 2007

Advertisement

Table of Contents
loading

Related Manuals for Nortel Alteon OS 42C4911

Related Content for Nortel Alteon OS 42C4911

This manual is also suitable for:

Alteon os

Table of Contents