Cloud 802.1x - Security Boulevard

Cloud 802.1x

Cloud 802.1x Security

IT admins have long been interested in the 802.1x protocol. Tools that can boost security have a way of gaining the attention of IT admins. Originally designed for wired port security on switches, the 802.1x protocol has now been adapted for use in WiFi networks as well. Taking it a step further, the concept of a cloud 802.1x solution has begun to intrigue IT admins.

What is Cloud 802.1x?

VLAN Assignment VLAN TaggingIn case you’re a bit confused by the terminology, said another way, a cloud hosted 802.1x implementation could also be called VLAN assignment or VLAN tagging from an end value perspective. When you look back at the history of 802.1x, it becomes apparent that its implementation was difficult to set up on wired networks.

The reason for this difficulty stems from the fact that traditionally, an 802.1x network required supplicants on endpoints. These endpoints were then coupled with a FreeRADIUS server which would be used to pass along authentications to an identity provider (IdP), usually Microsoft®Active Directory® (MAD or AD), or sometimes OpenLDAP™. With all of these moving parts, proper implementation presented quite the challenge to IT admins. So, while implementing 802.1x would no doubt increase the security of a given network, the level of difficulty to get it all to work remained pretty high. As a result, 802.1x wasn’t nearly adopted at the rate it should have been.

Fast Forward to WiFi

As networks shifted to WiFi and IT management infrastructure picked up and moved to the cloud, an opportunity emerged to make it much easier to deliver better network security. These innovations made it possible for IT administrators replicate just about everything to do with 802.1x implementations up into the cloud. No more on-prem RADIUS servers, IdPs like Active Directory to constantly maintain, or making sure each endpoint had the correct supplicant.

How Does 802.1x in the Cloud Work?

VLAN reply attributesA cloud 802.1x solution would include, out of the box, a RADIUS server with the ability to provide VLAN reply attributes as well as (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Ryan Squires. Read the original post at: