The following table lists terms and definitions used in this Authentication configuration discussion.
Term | Definition |
---|---|
Authentication Server (AS) | An entity providing authorization services to an authenticator using RADIUS. The authentication server may be on the same device or be at a remote location. |
Authenticator | The switch seeking authentication from the authentication server for a supplicant. |
Auto-tracking agent | A form of authentication that authenticates those sessions that are not captured by the other supported MultiAuth authentication agents (quarantine, 802.1x, PWA, MAC, CEP, and RADIUS snooping). |
Convergence End Point (CEP) | A protocol capable of detecting an IP telephony or video device on a port and dynamically applying a specific policy to the port. |
Domain Name System (DNS) | Serves as a means for the Internet to translate human-readable computer hostnames, e.g. www.example.com, into the IP addresses. |
Dynamic Host Configuration Protocol (DHCP) | A protocol used by networked clients to obtain various parameters necessary for the clients to operate in an Internet Protocol (IP) network. |
Extensible Authentication Protocol (EAP) | A protocol that provides the means for communicating the authentication information in an IEEE 802.1x context. |
IEEE 802.1x | An IEEE standard for port-based Network Access Control that provides authentication to devices attached to a LAN port, establishing a point-to-point connection or preventing access from that port if authentication fails. |
MAC-based Authentication | A means of authenticating a device attempting to gain access to the network based upon the device MAC address and a secret keyword known to the authenticator and the RADIUS application on the authentication server. |
Multi-user Authentication | The ability to appropriately authenticate multiple supplicants on a single link and provision network resources, based upon policy associated with each supplicant. |
MultiAuth Authentication | The ability to authenticate multiple authentication modes for a user and applying the authentication mode with the highest precedence. |
Port Web Authentication (PWA) | A means of authenticating a user by utilizing a web browser for the login process to authenticate to the network. |
Quarantine agent | A form of authentication that depends upon the existence of one or more configured quarantine policy rules, with each rule associated with a policy profile that determine the action should the quarantine agent be used to authenticate the device. |
RADIUS Filter ID | An Extreme Networks proprietary string formatted in the RADIUS Access-Accept packet sent back from the authentication server to the switch containing either the policy to apply to the supplicant, the management type for the port, or both. |
RADIUS Protocol | An AAA (Authentication, Authorization, and Accounting) protocol for controlling access to network resources used by ISPs and corporations managing access to Internet or internal networks across an array of access technologies. |
Supplicant | The user or device seeking access to network resources. |