Network User Authentication by Anthony Sequeira

For security purposes, some switches require users to authenticate themselves (that is, provide credentials, such as a username and password, to prove who they are) before gaining access to the rest of the network. A standards-based method of enforcing user authentication is IEEE 802.1X.

With 802.1X enabled, a switch requires a client to authenticate before communicating on the network. After the authentication occurs, a key is generated that is shared between the client and the device to which it attaches (for example, a wireless LAN controller or a Layer 2 switch). The key then encrypts traffic coming from and being sent to the client.

Figure 11-24 illustrates the three primary components of an 802.1X network, which are described in the following list:

• Supplicant: The supplicant is the device that wants to gain access to a network.

• Authenticator: The authenticator forwards the supplicant's authentication request on to an authentication server. After the authentication server authenticates the supplicant, the authenticator receives a key that is used to communicate securely during a session with the supplicant.

• Authentication server: The authentication server (for example, a Remote Authentication Dial-In Service [RADIUS] server) checks a supplicant's credentials. If the credentials are acceptable, the authentication server notifies the authenticator that the supplicant is allowed to communicate on the network. The authentication server also gives the authenticator a key that can be used to securely transmit data during the authenticator's session with the supplicant.

An even more sophisticated approach to admission control is the Network Access Control (NAC) feature offered by some authentication servers. Beyond just checking credentials, NAC can check characteristics of the device seeking admission to the network. The client's operating system (OS) and version of antivirus software are examples of these characteristics.

About The Author

Anthony Sequeira, CCIE No. 15626, is a Cisco Certified Systems Instructor (CCSI) and author regarding all levels and tracks of Cisco Certification. Anthony formally began his career in the information technology industry in 1994 with IBM in Tampa, Florida. He quickly formed his own computer consultancy, Computer Solutions, and then discovered his true passion-teaching and writing about Microsoft and Cisco technologies. Anthony joined Mastering Computers in 1996 and lectured to massive audiences around the world about the latest in computer technologies. Mastering Computers became the revolutionary online training company, KnowledgeNet, and Anthony trained there for many years. Anthony is currently pursuing his second CCIE in the area of Security and is a full-time instructor for the next-generation of KnowledgeNet, Anthony is also a VMware Certified Professional.

CompTIA Network+ N10-008 Cert Guide contains proven study features that allow you to succeed on the exam the first time. Expert instructor Anthony Sequeira shares preparation hints and test-taking tips, helping you identify areas of weakness and improve both your conceptual knowledge and hands-on skills, essential for successful completion of the performance-based testing items on the exam. This complete, CompTIA-approved study package includes the following:

A test-preparation routine proven to help you pass the exams
Clearly defined chapter learning objectives covering all N10-008 exam topics
Chapter-ending review questions and exam preparation exercises, which help you drill on key concepts you must know thoroughly
The powerful Pearson Test Prep practice test software, complete with hundreds of well-reviewed, exam-realistic questions, customization options, and detailed performance reports
40 performance-based exercises to help you prepare for the hands-on exam questions
A free copy of the CompTIA Network+ N10-008 Simulator Lite software, complete with meaningful lab exercises that enhance your hands-on skills
More than 60 minutes of video mentoring
A final preparation chapter that guides you through tools and resources to help you craft your review and test taking strategies
An Exam Essentials appendix that quickly recaps all major chapter topics for easy reference, both in print and interactive digital format
A key terms Glossary in both print and on the companion website, which acts as an interactive flash-card application
Study plan suggestions and templates to help you organize and optimize your study time
A 10% exam discount voucher (a $33+ value!)

Well regarded for its level of detail, study plans, assessment features, challenging review questions and exercises, video instruction, and hands-on labs, this approved study guide helps you master the concepts and techniques that ensure your exam success.

Master the topics on the CompTIA Network+ N10-008 exam, including:

Network topologies and media types
IP addressing
Network services
Data center architectures and cloud concepts
Routing, Ethernet switching, and wireless networking
Network availability and disaster recovery
Network security
Remote access
Network troubleshooting

Reader Paulo Cardoso says, "This is a great book. In addition, it comes with great additional resources."

Learn more about the CompTIA Network+ N10-008 Cert Guide at

Learn more at

More Network Security Articles:
• Public Key Infrastructure
• Domain Name System (DNS) Vulnerabilities
• Understanding the Different Classes of Firewalls
• How to Secure Your Small Business Network
• Are You Meeting ISO 27000 Standards for Information Security Management?
• NMAP (Network Mapper) Port Scanner
• Firewall Rules
• Use of Taps and Span Ports in Cyber Intelligence Applications
• How to Tell if Someone is Lurking on Your Wireless Network
• Man in the Middle Attack