1x port security, Ietf rfc support, Chapter 6 – Brocade Communications Systems Brocade ICX 6650 6650 User Manual
Page 173: Chapter
Brocade ICX 6650 Security Configuration Guide
153
53-1002601-01
Chapter
6
802.1X Port Security
lists 802.1X port security features that are supported on Brocade ICX 6650. These
features are supported in the Layer 2, base Layer 3, edge Layer 3, and full Layer 3 software
images, except where explicitly noted.
IETF RFC support
Brocade ICX 6650 supports the IEEE 802.1X standard for authenticating devices attached to LAN
ports. Using 802.1X port security, you can configure a Brocade ICX 6650 device to grant access to
a port based on information supplied by a client to an authentication server.
When a user logs on to a network that uses 802.1X port security, the Brocade device grants (or
does not grant) access to network services after the user is authenticated by an authentication
server. The user-based authentication in 802.1X port security provides an alternative to granting
network access based on a user IP address, MAC address, or subnetwork.
The Brocade implementation of 802.1X port security supports the following RFCs:
•
RFC 2284 PPP Extensible Authentication Protocol (EAP)
•
RFC 2865 Remote Authentication Dial In User Service (RADIUS)
•
RFC 2869 RADIUS Extensions
TABLE 24
Supported 802.1X port security features
Feature
Brocade ICX 6650
802.1X port security
Yes
Multiple host authentication
Yes
EAP pass-through support
Yes
802.1X accounting
Yes
802.1X dynamic assignment for ACL, MAC
address filter, and VLAN
Yes
Automatic removal of Dynamic VLAN for
802.1X ports
Yes
RADIUS timeout action
Yes
802.1X and multi-device port
authentication on the same port
Yes
802.1X and sFlow
•
802.1X username export support for
encrypted and non-encrypted EAP
types
Yes