Device roles in an 802.1x configuration – Brocade BigIron RX Series Configuration Guide User Manual
Page 1124
1046
BigIron RX Series Configuration Guide
53-1002484-04
How 802.1x port security works
34
Device roles in an 802.1x configuration
The 802.1x standard defines the roles of Client/Supplicant, Authenticator, and Authentication
Server in a network.
The Client (known as a Supplicant in the 802.1x standard) provides username/password
information to the Authenticator. The Authenticator sends this information to the Authentication
Server. Based on the Client's information, the Authentication Server determines whether the Client
can use services provided by the Authenticator. The Authentication Server passes this information
to the Authenticator, which then provides services to the Client, based on the authentication result.
illustrates these roles.
FIGURE 134
Authenticator, Client/Supplicant, and Authentication Server in an 802.1x
configuration
Authenticator – The device that controls access to the network. In an 802.1x configuration, the
BigIron RX serves as the Authenticator. The Authenticator passes messages between the Client and
the Authentication Server. Based on the identity information supplied by the Client, and the
authentication information supplied by the Authentication Server, the Authenticator either grants or
does not grant network access to the Client.
Client/Supplicant – The device that seeks to gain access to the network. Clients must be running
software that supports the 802.1x standard (for example, the Windows XP operating system).
Clients can either be directly connected to a port on the Authenticator, or can be connected by way
of a hub.
Authentication Server – The device that validates the Client and specifies whether or not the Client
may access services on the device. Brocade supports Authentication Servers running RADIUS.
Client/Supplicant
RADIUS Server
(Authentication Server)
BigIron Device
(Authenticator)