52 CHAPTER 4: MANAGING DEVICE S ECURITYDefining Port-BasedAuthentication(802.1X)Port-based authentication authenticates users on a per-port basis via anexternal server. Only authenticated and approved system users cantransmit and receive data. Ports are authenticated via the RADIUS serverusing the Extensible Authentication Protocol (EAP). Port-basedauthentication includes:■ Authenticators — Specifies the device port which is authenticatedbefore permitting system access.■ Supplicants — Specifies the host connected to the authenticatedport requesting to access the system services.■ Authentication Server — Specifies the server that performs theauthentication on behalf of the authenticator, and indicates whetherthe supplicant is authorized to access system services.Port-based authentication creates two access states:■ Controlled Access — Permits communication between thesupplicant and the system, if the supplicant is authorized.■ Uncontrolled Access — Permits uncontrolled communicationregardless of the port state.This section includes the following topics:■ Viewing 802.1X Authentication■ Defining 802.1X Authentication
