Ask the Expert

Confusion about 802.1x authentication methods

As I read through all materials related to 802.1x, many articles mentioned that "to deploy 802.1x, you'll need to select an authentication method, such as EAP-MD5 and EAP-TLS" (Lisa Phifer) and "802.1x with EAP support multiple authentication methods, such as token cards, Kerberors, one-time passwords, certificates, and public key authentication." (Jim Geier). They are all talking about the "authentication methods" supported by 802.1x and EAP.

It's not clear to me: Does that mean when deploying 802.1x, we can use EAP-MD5, EAP-TLs, token cards, Kerberors, one-time passwords, or certificates as the authentication method? (Some others even call these "authentication types" and make it even more confusing). Or do EAP-MD5, EAP-TLs, etc. and token cards, Kerberors, etc. actually play different roles in 802.1x and EAP infrastructure?

Please help me to clarify this issue and thanks in advance.

    Requires Free Membership to View

The 802.1x framework utilizes Extensible Authentication Protocol (EAP) as a way to authenticate and control traffic on protected wired and wireless networks. 802.1x is just a framework that various products support. When using this framework, you can use EAP for authentication of the traffic. Within EAP, you can choose one of the various authentication methods (tokens, PKI, etc.) Check out the following links for more information:

802.1X -

This was first published in September 2003

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: