Summary

This module discussed the use of Cisco Identity-Based Networking Services (IBNS) to enhance Layer 2 security. Students should now be able to explain how Cisco IBNS improves the security of physical and logical access of local area networks. Students will also be able to describe how 802.1x provides port-based identity network access control. Students should also be able to define the role of each 802.1x component. This module also included a discussion that described how 802.1x uses Extensible Authentication Protocol (EAP). Students should now be able to select the appropriate EAP type to meet a given set of network requirements. Students should also be able to describe how Cisco Secure Access Control Server (ACS) provides RADIUS based AAA services for use with 802.1x.

This module also introduced the tasks involved in configuring 802.1x port-based authentication on a Catalyst switch. Students should now be able to enable 802.1x authentication and configure the RADIUS server parameters on the switch. Students should also be able to enable periodic re-authentication of the client. This module discussed the re-authentication of the client connected to a specific port at any time. Students should be able to demonstrate the configuration of a switch to allow multiple hosts. Students should be able to discuss the steps that are necessary to reset the 802.1x configuration to the default values.