Cisco SR224T Administration Guide - Page 241

Configuring Security Configuring 802.1X 17 • Trap Frequency-Enter minimum time (in seconds) that elapses between traps. STEP 4 Click Apply. Port security is modified, and the Running Configuration file is updated. Configuring 802.1X Port-based access control has the effect of creating two types of access on the switch ports. One point of access enables uncontrolled communication, regardless of the authorization state (uncontrolled port). The other point of access authorizes communication between a host and the switch. The 802.1x is an IEEE standard for port-based network access control. The 802.1x framework enables a device (the supplicant) to request port access from a remote device (authenticator) to which it is connected. Only when the supplicant requesting port access is authenticated and authorized is it permitted to send data to the port. Otherwise, the authenticator discards the supplicant data. Authentication of the supplicant is performed by an external RADIUS server through the authenticator. The authenticator monitors the result of the authentication. In the 802.1x standard, a device can be a supplicant and an authenticator at a port simultaneously, requesting port access and granting port access. However, this device is only the authenticator, and does not take on the role of a supplicant. The following varieties of 802.1X exist: • Single session 802.1X: - Single-session/single host-In this mode, the switch, as an authenticator, supports a single 802.1x session and grants permission to use the port to the authorized supplicant. All access by other devices received from the same port are denied until the authorized supplicant is no longer using the port or the access is to the unauthenticated VLAN. - Single session/multiple hosts-This follows the 802.1x standard. In this mode, the switch as an authenticator allows any device to use a port as long as it has been granted permission. Cisco Small Business 200 Series Smart Switch Administration Guide 242