This framework employs RADIUS, TACACS+, LDAP, Kerberos, VPN, MD5, TLS, and EAP to enhance wireless network security. It operates on IEEE 802 standards, facilitates strong authentication processes, and ensures data integrity. The framework supports a variety of EAP methods such as EAP-TLS, EAP-TTLS, and PEAP, enabling secure client-server communication.
Wireless LAN Security Framework
• Backend AAA Infrastructure: RADIUS, TACACS+, LDAP, Kerberos
• VPN
• MD5, TLS, LEAP, TTLS, PEAP
• EAP API
• EAP
• NDIS API
• PPP, 802.1x
• 802.3, 802.5, 802.11
IEEE 802.1X authentication
• Performs authentication in a layer above the IEEE 802.11 MAC layer
• Removes all authentication processing from the IEEE 802.11 MAC
• 802.1X can use any EAP method installed on the client and AAA server
• Methods in common use include TLS, Cisco LEAP (based on MS-CHAPv1), and Funk's Tunneled TLS (TTLS)
Common EAP Methods
• EAP-TLS
  • TLS handshake is used to mutually authenticate a client and server
• EAP-TTLS extends this
  • Uses the secure connection established by the TLS handshake to perform additional authentication
• PEAP
  • Similar to EAP-TTLS but only allows EAP for authentication
  • Also has key exchange, session resumption, fragmentation and reassembly
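
To make the method negotiation and the fragmentation and reassembly mentioned above concrete, here is an added example (not part of the original slides) that parses EAP packets, names the method in use, and reassembles a fragmented TLS message for the TLS-based methods. The function names, the `build` helper and the sample packets are constructed for illustration; the type numbers and flag bits are the standard EAP and EAP-TLS values.

```python
import struct
# EAP method type numbers as assigned in the IANA EAP registry
EAP_TYPES = {1: "Identity", 3: "Nak", 4: "MD5-Challenge", 13: "EAP-TLS",
             17: "LEAP", 21: "EAP-TTLS", 25: "PEAP"}
TLS_BASED = {13, 21, 25}      # these methods share the EAP-TLS style flags byte
FLAG_L, FLAG_M = 0x80, 0x40   # L: TLS message length included, M: more fragments

def parse_eap(pkt: bytes) -> dict:
    """Parse one EAP packet: Code(1) Identifier(1) Length(2) [Type(1) Data]."""
    if len(pkt) < 4 or not 4 <= struct.unpack("!H", pkt[2:4])[0] <= len(pkt):
        raise ValueError("bad EAP header or length field")
    code, ident, length = struct.unpack("!BBH", pkt[:4])
    out = {"code": code, "id": ident, "method": None, "flags": 0,
           "tls_len": None, "data": b""}
    if code not in (1, 2) or length == 4:   # Success/Failure carry no Type field
        return out
    etype, body = pkt[4], pkt[5:length]
    out["method"] = EAP_TYPES.get(etype, f"type-{etype}")
    if etype in TLS_BASED and body:
        out["flags"], body = body[0], body[1:]
        if out["flags"] & FLAG_L:
            if len(body) < 4:
                raise ValueError("L flag set but TLS length missing")
            out["tls_len"], body = struct.unpack("!I", body[:4])[0], body[4:]
    out["data"] = body
    return out

def reassemble(packets) -> bytes:
    """Join the fragments of one TLS message and reject inconsistent lengths."""
    buf, total = b"", None
    for pkt in packets:
        p = parse_eap(pkt)
        total = p["tls_len"] if total is None else total
        buf += p["data"]
        if total is not None and len(buf) > total:
            raise ValueError("fragments exceed announced TLS message length")
        if not p["flags"] & FLAG_M:         # M clear marks the last fragment
            break
    if total is not None and len(buf) != total:
        raise ValueError("reassembled size differs from announced length")
    return buf

def build(ident, etype, flags, data, tls_len=None):  # makes constructed samples
    ln = struct.pack("!I", tls_len) if tls_len is not None else b""
    body = bytes([etype, flags]) + ln + data
    return struct.pack("!BBH", 2, ident, 4 + len(body)) + body
RECORD = b"\x16\x03\x03" + b"A" * 20   # constructed stand-in for a TLS record
FRAGS = [build(1, 25, FLAG_L | FLAG_M, RECORD[:10], len(RECORD)),
         build(2, 25, 0, RECORD[10:])]  # two PEAP responses carrying one message
```

Calling `reassemble(FRAGS)` returns the original record, and `parse_eap` on any single packet reports which EAP method the client and AAA server are exchanging.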