Cabletron Systems has announced that it is supporting the current work to ratify the IEEE 802.1X standards for network security and authentication, co-authored by John Roese, Cabletron's recently-appointed chief technology officer.
IEEE 802.1X will provide standards-based ingress port authentication, and will utilize existing security techniques such as RADIUS and ACE.
Roese explained, "While the industry has focused on providing high levels of security and authentication for remote dial-in users, little has been done in the standards world for providing these secure features in the LAN and wireless worlds. Cabletron has been developing switch port security for some time, and this has led to us leading the work in this new IEEE 802.1X standard."
Roese continued, "There are many government, military, academic and banking customers that want to control who enters their network communications LAN, RAS and wireless LAN systems."
Many industry leaders - including Microsoft, who has stated intentions to include the security mechanisms in future version of their Windows operating systems - will support the standard. Standardization work is ongoing in the IEEE 802.1 working group. Cabletron does, however, expect to implement pre-standard versions of IEEE 802.1X in their LAN switch and wireless products in the first half of 2000.
Cabletron is unique in its stated direction to use 802.1X on LAN and wireless LAN ports, enabling a single sign-on method to work regardless of attachment method (LAN, WLAN and RAS all use the same user credentials).
"Cabletron is continuing to drive the industry forward with new technologies and standards, showing that we are a leading provider of hardware and software products, as well as a visionary in developing the services that will deliver on our customers' business demands," said Piyush Patel, Cabletron's CEO and president. "The new IEEE 802.1X standards work is integrated closely into our service provider vision, allowing our partners to deliver `dark' service connections into homes and provide service access via user authentification."
IEEE 802.1X will work on both wired and non-wired 802.11 devices, and has a very low impact on device performance, enabling use of the standard in a wide variety of network devices. Other co-authors of the standard include Intel, 3Com, HP, Merit, Extreme and Microsoft.
-- 802.1X leverages the Extensible Authentication Protocol (EAP) Commonly deployed in RAS systems
-- EAP will be used over switched ports and wireless systems as a protocol for authentication of end systems based on higher layer credentials
-- User ID Authentication is possible with this service, leveraging password, certificate or even biometrics information
-- The IEEE work has just begun, but is widely endorsed by the vendor community
-- 802.1X will use the EXISTING security back end systems (RADIUS servers, user accounts and passwords) to minimize cost of deployment and consolidate services
-- 802.1X will enable secure authenticated access into switched ports and wireless LANs
-- 802.1X will protect networks from unauthorized users, even on Ethernet switched ports and wireless LANs
-- 802.1X can be extended to map users of differing authentication levels to different VLANs, priorities or access policies
-- User Authentication is critical to policy based networking as it provides a mapping of the end user to the physical location where policies must be enforced
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment