The 802.1X protocol facilitates the authentication of devices attached to local network ports. In the event of an authentication failure, access from a specific port is denied. It enables the control of access to wired and wireless networks. Its use eliminates the danger of unauthorized network access at the network access layer.
There are several methods by which a network can be prepared for 802.1X support in NACVIEW.
- Active Directory,
- A certificate generated in our or another PKI system may be used to facilitate login,
- A user may also log in using the credentials associated with an account created in NACVIEW. This may be accessed via the following menu path: Menu > Objects > Identities.
| Form fields | Policy, giving access for 802.1X users |
|---|---|
| Name | Type any name |
| Authentication method to the network | EAP (Optional: PEAP or TLS, if you want to allow login for a password or certificate) |
| Action | Access to vlan |
| Send VLAN tag back | Yes (checkbox) |
| Vlan | Select from the list the VLAN to be assigned to the users of the organization |
| No defined Identites means | Any Identities |
| Any Identities means | Any active Identities defined in the system |
| Group of Identities | Select groups from the list if the identities have been previously grouped |
| Identities of authorization servers | Select an identity synchronization authorization server with AD from the list or leave the field blank |
| Undefined Endpoints means | Any Endpoints |
| Network device | Select from the list the WiFi controllers and/or network devices on which the authorization service will be activated |
| WiFi network | Optional: if you selected a wifi controller above, select the SSID |