Term
| Acceptable Use Policy (AUP) |
|
Definition
| An agreement that a guest or BYOD user must accept before gaining access to a network. |
|
|
Term
| authentication server (AS) |
|
Definition
| This looks up the identity of the authentication request (either from a local store or from a distributed identity store) and authenticates them for access to the network. It can also provide policy for how new clients should be handled. It is sometimes referred to as a Network Authentication Server (NAS). |
|
|
Term
|
Definition
| A network device that communicates with the supplicant to receive the username and password from the client. |
|
|
Term
| Bring Your Own Device (BYOD) |
|
Definition
| A common modality used in wireless networks where the users bring their own mobile devices and gain access to the network through an onboarding process. |
|
|
Term
| central web authentication (CWA) |
|
Definition
| A method of redirecting BYOD and guest users where the redirection URL and the pre-WebAuth ACL are centrally configured on ISE and communicated to the controller via RADIUS. |
|
|
Term
| EAP (Extensible Authentication Protocol) |
|
Definition
| EAP is an authentication framework used extensively in wireless networks for the handling of access credentials between a client device and an authentication server. |
|
|
Term
| EAP-FAST (Flexible Authentication via Secure Tunnels) |
|
Definition
| Similar to PEAP, a tunneled EAP method. Uses Protected Access Credentials (PACs) on the client to help improve fast roaming in wireless environments. |
|
|
Term
| EAP-TLS (Transport Layer Security) |
|
Definition
| An EAP inner-method that utilizes X.509 certificates on both the client and authentication server. |
|
|
Term
|
Definition
| The place where the client credentials are stored. This is typically kept in an LDAP server. |
|
|
Term
|
Definition
| A standard for port-based network access control (NAC). This provides a method for authentication of devices connecting to a network. |
|
|
Term
| Lightweight Directory Access Protocol (LDAP) |
|
Definition
| Lightweight Directory Access Protocol (LDAP) An open, standards-based protocol used by the authentication server to access device and user identity stores. Microsoft Active Directory (AD) is an example of a popular server of this used by many companies. |
|
|
Term
| local web authentication (LWA) |
|
Definition
| A method of redirecting BYOD or guest users to a portal directly from the wireless controller. |
|
|
Term
|
Definition
| a tunneled EAP method that protects inner EAP methods, such as MSCHAPv5 or EAP-GTC. |
|
|
Term
| Remote Authentication Dial-In User Service (RADIUS) |
|
Definition
| A UDP-based networking protocol that provides centralized authentication, authorization, and accounting (AAA) management for users connecting to a network service. |
|
|
Term
|
Definition
| The supplicant is a piece of software running on the client device that provides the username and password to the authenticator over EAP. |
|
|
Term
| Wi-Fi Protected Access (WPA) |
|
Definition
| security compatibility standards used by the Wi-Fi Alliance, which leverage EAP. This standard was developed in response to vulnerabilities discovered in WEP. |
|
|
