Authentication protocols, Cisco features, Cisco leap – Intel 3945ABG User Manual

Page 138: Cisco rogue access point security feature, Fast roaming (cckm)

PEAP is a new Extensible Authentication Protocol (EAP) IEEE 802.1x authentication type designed to take advantage of server-side EAP-Transport Layer Security (EAP-TLS) and to support various authentication methods, including users' passwords and one-time passwords, and Generic Token Cards.

Authentication Protocols

Generic Token Card (GTC): Carries user-specific token cards for authentication. The main feature in GTC is Digital Certificate/Token Card-based authentication. In addition, GTC includes the ability to hide user name identities until the TLS encrypted tunnel is established, which provides additional confidentiality because user names are not broadcast during the authentication phase.

MS-CHAP-V2: Refer to MS-CHAP-V2 above.

TLS: The TLS protocol is intended to secure and authenticate communications across a public network through data encryption. The TLS Handshake Protocol allows the server and client to provide mutual authentication and to negotiate an encryption algorithm and cryptographic keys before data is transmitted. Refer to TLS above.

Cisco Features

Cisco LEAP

Cisco LEAP (Cisco Light EAP) is a server and client 802.1x authentication type that uses a user-supplied logon password. When a wireless access point communicates with a Cisco LEAP-enabled RADIUS server (Cisco Secure Access Control Server [ACS]), Cisco LEAP provides access control through mutual authentication between client wireless adapters and the wireless networks, and provides dynamic, individual user encryption keys to help protect the privacy of transmitted data.

Cisco Rogue Access Point Security Feature

The Cisco Rogue Access Point feature provides security protection against the introduction of a rogue access point that could mimic a legitimate access point on a network in order to extract information about user credentials and authentication protocols that could compromise security. This feature only works with Cisco's LEAP authentication. Standard 802.11 technology does not protect a network from the introduction of a rogue access point. Refer to LEAP Authentication for more information.

Fast Roaming (CCKM)

When a wireless LAN is configured for fast reconnection, a LEAP-enabled client device can roam from one access point to another without involving the main server. Using Cisco
