Free Trial

Safari Books Online is a digital library providing on-demand subscription access to thousands of learning resources.

  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint
Share this Page URL
Help

Chapter 12: Advanced Enterprise WLAN Sec... > Extensible Authentication Protocol

Extensible Authentication Protocol

The Extensible Authentication Protocol (EAP) is used with all WPA/WPA2-Enterprise deployments. EAP is the authentication protocol used between the supplicant and authenticator, and is defined in RFC 3748. EAP is also encapsulated in RADIUS messages between the authenticator and RADIUS server.

As of this writing, the Wi-Fi Alliance certifies devices for support of up to seven EAP types:

  • PEAPv0/EAP-MSCHAPv2
  • PEAPv1/EAP-GTC
  • EAP-TTLS/MSCHAPv2
  • EAP-TLS
  • EAP-FAST
  • EAP-SIM
  • EAP-AKA

Of these, there are several popular EAP types available, each with their own strengths and weaknesses. Some are very secure at the expense of high management overhead or high cost, whereas others are easy and cost effective to implement but may not provide the preferred level of protection or the desired authentication form factor. These and other trade-offs must be factored into the selection and configuration of a specific EAP type.


  

You are currently reading a PREVIEW of this book.

                                                                                                                    

Get instant access to over $1 million worth of books and videos.

  

Start a Free 10-Day Trial


  
  • Safari Books Online
  • Create BookmarkCreate Bookmark
  • Create Note or TagCreate Note or Tag
  • PrintPrint