Security Architecture: Port Security Flashcards
Why do we need port security?
In this episode, we’ll discuss port security, including simple Media Access Control (MAC) address implementations and more complex 802.1X environments using Extensible Authentication Protocol (EAP).
Port security is a fundamental aspect of network-security infrastructure that pertains to the control and protection of physical network-access points, such as Ethernet ports, within an organization. It aims to help prevent unauthorized devices from connecting to the network by enforcing strict authentication and authorization protocols.
What are the two elements when it comes to port security?
802.x and Command Line Port Security (Limiting to only one device to each port)
What is IEEE 802.1x?
What is IEEE 802.1X? (Another way of NAC)
One widely used approach for port security is IEEE 802.1X, a standard that defines port-based network access control. IEEE is short for Institute of Electrical and Electronics Engineers.
With 802.1X, devices attempting to connect to a network port are required to undergo an authentication process before being granted access. This process involves three key components: the supplicant (the connecting device), the authenticator (the network switch or access point), and the authentication server (which verifies user credentials).
In the context of 802.1X, EAP is crucial because it’s a framework that enables various authentication methods to be used within the 802.1X framework. This flexibility allows organizations to choose the most suitable authentication mechanism for their environment. EAP methods can include:
Username and password.
Digital certificates.
Tokens.
Additionally, there are more advanced EAP methods including biometric authentication.
What is the process of 802.1x?
When a device connects to a network port, it sends an EAP request to the authenticator, which forwards it to the authentication server. The server then verifies the credentials provided by the device and informs the authenticator whether access should be granted or denied. If the authentication is successful, the port is enabled for data communication; otherwise, the port remains inactive, ensuring that only authorized devices are allowed to access the network.
