What is Wi-Fi authentication?

Enterprise authentication refers to a method of protecting a Wi-Fi Network.  Typically, this is accomplished by the Wi-Fi Alliance WPA2-Enterprise protocol using IEEE 802.1x authentication.  The 802.1x standard defines the encapsulation of Extensible Authentication Protocol (EAP) messages over a computer network.

Wi-Fi Protected Access (WPA) and Wi-Fi Protected Access II (WPA2) are two security protocols developed by the official Wi-Fi Alliance to secure wireless computer networks.

Different WPA protection mechanisms can be distinguished based on the target end-user (according to the method of authentication key distribution).

Here are the three authentication key distribution options:

  1. WPA-Personal (WPA-PSK, WPA2-PSK) - is designed for home and small offices, it uses a pre-shared key (PSK) instead of an authentication server.
  2. WPA-Enterprise (WPA, WPA-EAP, WPA2-EAP, WPA-Enterprise, WPA2-Enterprise, and WPA-802.1X ) - is designed for enterprise networks, and requires a RADIUS authentication server.  Various types of Extensible Authentication Protocol (EAP) messages are used for authentication.
  3. Wi-Fi Protected Setup (WPS) - uses a PIN number for simplified security and authentication setup

There are currently about forty different EAP message types.  The Komodo Eye Device supports the following:

  1. TLS - requires a username and X.509 Certificate Authority (CA), private key and public key
  2. PEAP - chains together multiple EAP mechanisms, and requires specifying the secondary mechanism of either MD5, MSCHAPv2, GTC, or TLS.
    • MD5, MSCHAPv2 and GTC require a username and password
    • TLS has the same requirements listed above (username, CA, private and public key)
  3. TTLS - extends TLS making use of a tunnel to the client, and requires specifying a secondary mechanism of either MD5, MSCHAPv2, GTC, or TLS.
    • MD5, MSCHAPv2 and GTC require a username and password
    • TLS has the same requirements listed above (username, CA, private and public key)

 

Have more questions? Submit a request

14 Comments

Please sign in to leave a comment.
Powered by Zendesk