This module discussed the use of Cisco Identity-Based Networking Services
(IBNS) to enhance Layer 2 security. Students should now be able to explain how
Cisco IBNS improves the security of physical and logical access of local area
networks. Students will also be able to describe how 802.1x provides port-based
identity network access control. Students should also be able to define the
role of each 802.1x component. This module also included a discussion that
described how 802.1x uses Extensible Authentication Protocol (EAP). Students
should now be able to select the appropriate EAP type to meet a given set of
network requirements. Students should also be able to describe how Cisco Secure
Access Control Server (ACS) provides RADIUS based AAA services for use with
802.1x.
This module also introduced the tasks involved in configuring
802.1x port-based authentication on a Catalyst switch. Students should now be
able to enable 802.1x authentication and configure the RADIUS server parameters
on the switch. Students should also be able to enable periodic
re-authentication of the client. This module discussed the re-authentication of
the client connected to a specific port at any time. Students should be able to
demonstrate the configuration of a switch to allow multiple hosts. Students
should be able to discuss the steps that are necessary to reset the 802.1x
configuration to the default values.