Portnox White Paper

802.1X Authentication is Simpler than You Think


Executive Summary

The following whitepaper presents existing challenges with the IEEE 802.1X standard for port-based Network Access Control (NAC) and authentication, suggesting that much of the frustration centers on deployment, the complexity of integration, the need for expensive hardware, and issues authorizing access based on level of device compliance. It then presents some of the benefits that 802.1X authentication affords, such as integrated management, ease of use in setting access permissions and enhanced security that is not based on pre-shared keys (PSKs). With both the challenges and benefits in mind, the whitepaper presents Portnox CLEAR – a turn-key solution for 802.1X from the cloud that maximizes the benefits and applications of the authentication standard.

The Pain of 802.1X Authentication

The 802.1X standard for authenticating access to wired and wireless networks has met with a good deal of scrutiny in recent years. While 802.1X was considered a success when initially implemented on wired networks, with the shift to wireless networks, the growth of the geo-distributed organizations and the proliferation of internet-connected devices, the tides of
opinion shifted, casting 802.1X in a negative light due to the difficulty and sheer expense of implementation.

Deployment of 802.1X is the main pain point as it requires support from RADIUS/AD servers at every location, making authentication available only when devices are physically present in the office, and requiring manual configuration of endpoints with an agent. This makes the implementation of 802.1X daunting, often taking systems administrators and engineers weeksto configure (and even more if a user repository is not already in place). This can take even longer (and cost much more) if being implemented in a geo-distributed organization that needs continually authenticate endpoints. As a result, deployment of 802.1X authentication protocols often feel like more of a headache than a help.

So Why Reconsider 802.1X?
Aside from implementation woes, 802.1X remains the one of the best ways to authenticate devices because of its continuous and direct communication with the authenticating, as opposed to pre/post scanners or other less secure authentication solutions that expose the network to vulnerabilities (see more below)


Get Your Exclusive Copy Now!