802.1X Protocols
802.1X can be thought of as a control inside your Ethernet switches and APs. The
control starts in the OFF position. It considers 802.1X requests and if it decides to grant
access, the control moves to the ON position. After a period of time, the station times
out or disconnects, moving the control back to the OFF position.
Although the credibility of WEP has taken a beating, it’s not totally out of the WLAN
security game. WEP is a necessary part of an 802.1X deployment. WEP, used in
conjunction with 802.1X, is far more secure than when it is used in static deployments.
An even more robust security mechanism, Wi-Fi Protected Access (WPA), is discussed
later in this chapter.
There are several protocols used with the 802.1X standard for LAN Port Access
Control. Within the 802.1X framework, a LAN station is not allowed to pass traffic
through an Ethernet device or WLAN AP until it has successfully authenticated itself.
After it has been authenticated, the client can pass traffic on the LAN.
There are 43 protocols that work within the framework of 802.1X authentication. Some
of the popular protocols you are likely to see in Cisco wireless networking include a
variety of Extensible Authentication Protocol (EAP) authentication frameworks. These
are covered in the sections that follow.