Cisco System’s acquisition last July of Meetinghouse Data Communications — a maker of RADIUS server software and clients supporting 802.1X authentication — has led directly to the networking giant now offering its own 802.1X client (also known as a supplicant).
Cisco Secure Services Client 4.0 is meant to work with any RADIUS/802.1X server, but replaces the “hodgepodge of supplicants” Cisco used to support, according to Ben Gibson, Cisco’s director of wireless marketing. Gibson says this release is “key to our strategy of having meaningful unification of wired and wireless. It has to happen not only on infrastructure, but also clients.”
“This release is a key step forward… you can have true single sign-on capability,” Gibson says. “For IT, they can standardize supplicants across all devices.” They’ll also get visibility into the client systems that are logging on using a Cisco management application.
Cisco Secure Services Client 4.0 handles access control, authenticating a user with the RADIUS server before the user even gets handed an IP address to get on the Internet. It is, of course, optimized for use on a Cisco Unified Wireless Network, and works with Cisco’s Network Admission Control (NAC). It supports all the major Extensible Authentication Protocol (EAP) protocols as Meetinghouse did before, plus the major Wi-Fi encryption and security types (WEP, WPA and WPA2, in personal and enterprise modes).
“The direction we’re taking is to work with a host of providers for RADIUS authentication,” says Gibson. “There isn’t a specific tie-in from one server to ours.”
Is it really all that different, then, from the previous Meetinghouse supplicant? Consider that it now comes with the Cisco name and sells in Cisco channels, and that’s a big change all by itself both for customers and for a company that used to leave this to third parties.
“In the past, you had the supplicant piece from a third party and deployed separately: there was always a mish-mash,” says Gibson. “That caused a lot of issues in terms of interoperability, hosting devices… we believe it was an inhibitor. This shouldn’t be a third-party piece. It should all be one and the same. And it should be part of the wireless network.”
“It has to be easy to do… otherwise wireless LANs won’t grow at the clip expected by everyone,” Gibson says.
