Extensible Authentication Protocol over LAN (EAPoL or EAP) is a port-based network access control protocol. EAP provides security by preventing users from accessing network resources before they are authenticated. The EAP authentication feature prevents users from accessing a network to assume a valid identity and access confidential material or launch denial-of-service attacks.
You can use EAP to set up network access control on internal LANs and to exchange authentication information between an end station or server that connects to a switch and an authentication server (such as a RADIUS server). This security feature extends the benefits of remote authentication to internal LAN clients. For example, if a new client PC fails the authentication process, EAP prevents the new client PC from accessing the network.