User Manual

RADIUS is the Remote Access Dial-In User Service, an Authorization, Authentication,

and Accounting (AAA) client-server protocol for when a AAA dial-up client logs in or out

of a Network Access Server. Typically, a RADIUS server is used by Internet Service

Providers (ISP) to performs AAA tasks. AAA phases are described as follows:

● Authentication phase: Verifies a user name and password against a local

database. After the credentials are verified, the authorization process begins.

● Authorization phase: Determines whether a request will be allowed access to a

resource. An IP address is assigned for the Dial-Up client.

● Accounting phase: Collects information on resource usage for the purpose of

trend analysis, auditing, session time billing, or cost allocation.

Wi-Fi Protected Access* (WPA)

Wi-Fi Protected Access (WPA) is a security enhancement that strongly increases the

level of data protection and access control to a WLAN. WPA mode enforces 802.1x

authentication and key-exchange and only works with dynamic encryption keys. To

strengthen data encryption, WPA utilizes its Temporal Key Integrity Protocol (TKIP).

TKIP provides important data encryption enhancements that include a per-packet key

mixing function, a message integrity check (MIC) named Michael an extended

initialization vector (IV) with sequencing rules, and a also re-keying mechanism. Using

these improvement enhancements, TKIP protects against WEP's known weaknesses.

PEAP

PEAP is a new Extensible Authentication Protocol (EAP) IEEE 802.1x authentication

type designed to take advantage of server-side EAP-Transport Layer Security (EAP-TLS)

and to support various authentication methods, including user's passwords and one-time

passwords, and Generic Token Cards.

Cisco LEAP