Scribd Logo
Upload

Welcome to Scribd!

  • DOT1X

    Uploaded by

    ashutoshgh04
    8 views70 pages
    This document provides an overview of Cisco Identity-Based Networking Services (IBNS) and its components. It discusses the role of AAA and Cisco ISE solutions in Cisco IBNS. It also explores the IEEE 802.1X standard and EAP methods for authentication, describing non-tunnel and tunnel EAP architectures. Additionally, it covers the role of RADIUS in 802.1X communications and the use of attribute-value pairs for authentication and authorization. Identity management solutions like Active Directory are also referenced.

    Original Description:

    Copyright

    © © All Rights Reserved

    Available Formats

    PPTX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document provides an overview of Cisco Identity-Based Networking Services (IBNS) and its components. It discusses the role of AAA and Cisco ISE solutions in Cisco IBNS. It also explores the IEEE 802.1X standard and EAP methods for authentication, describing non-tunnel and tunnel EAP architectures. Additionally, it covers the role of RADIUS in 802.1X communications and the use of attribute-value pairs for authentication and authorization. Identity management solutions like Active Directory are also referenced.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    8 views70 pages

    DOT1X

    Uploaded by

    ashutoshgh04
    This document provides an overview of Cisco Identity-Based Networking Services (IBNS) and its components. It discusses the role of AAA and Cisco ISE solutions in Cisco IBNS. It also explores the IEEE 802.1X standard and EAP methods for authentication, describing non-tunnel and tunnel EAP architectures. Additionally, it covers the role of RADIUS in 802.1X communications and the use of attribute-value pairs for authentication and authorization. Identity management solutions like Active Directory are also referenced.

    Copyright:

    © All Rights Reserved
    Download as PPTX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pptx, pdf, or txt
    of 70

    Cisco IBNS Overview

    Cisco Identity-Based Networking Services


    AAA Role in Cisco IBNS
    Cisco IBNS and Cisco ISE Solutions
    Cisco IBNS Architecture Components
    Explore the IEEE 802.1X Standard

    The IEEE 802.1X standard was created to provide strong Layer 2 edge network authentication and authorization to secure wired and wireless
    networks
    Explore 802.1X and EAP

    EAP was originally designed for PPP (Point-to-Point Protocol) networks, but gained wide adoption on wired and wireless 802.1X implementations.

    Tunnel and Non-Tunnel EAP

    Non-Tunnel EAP
     Non-tunnel EAP architecture, a single EAP session exists between the supplicant and the authentication
    server.
    • In this architecture, the supplicant sends its identity (name) in the clear to the authentication server.
    • This step is followed by an exchange that authenticates the authentication server to the user, and the user to
    the authentication server.
    • If the user is successfully authenticated, the authentication server signals success to the authenticator via the
    RADIUS protocol.
    • These EAP architectures cannot easily support one-time passwords, because these passwords do not support
    challenge-response methods that are typically used inside the EAP authentication exchange.
    The most common non-tunneled EAP types are described below:
    Tunnel EAP

    • Tunneled EAP architecture, in which an outer EAP encapsulates an inner EAP. The outer EAP provides server authentication, and
    a cryptographically secure tunnel for the inner EAP method to run in.
    • Typical outer EAPs are Protected Extensible Authentication Protocol (PEAP) and Extensible Authentication Protocol-Flexible
    Authentication via Secure Tunneling (EAP-FAST).
    • Extensible Authentication Protocol-Microsoft Challenge Handshake Authentication Protocol version 2 (EAP-MSCHAPv2),
    Extensible Authentication Protocol-Transport Layer Security (EAP-TLS), and Extensible Authentication Protocol-Generic Token
    Card (EAP-GTC) are commonly used for the inner EAP.
    Explain EAP Methods
    Role of RADIUS in 802.1X Communications
    Attribute-Value Pairs (AVP) in 802.1X Authentication and Authorization
    MAC Authentication Bypass for Wired and Wireless Access
    Identity Management
    Active Directory Identity Source

    You might also like