The Wi-Fi Alliance—the industry consortium of companies that handles testing of 802.11-based products to make sure they’ll play nice together—is expanding its security testing to include four more Extensible Authentication Protocols
The EAP types are used when Wi-Fi based hardware communicates using 802.1X authentication and a RADIUS
Frank Hanzlik, the managing director of the Alliance’s day-to-day operations, says the group is “excited, because this expands the certification program to better replicate solutions that are out there.”
The Alliance had, in fact, already been testing for one type, Transport Layer Security (EAP-TLS). Added to that will be the following:
- EAP-TTLS/MSCHAPv2
- PEAPv0/EAP-MSCHAPv2
- PEAPv1/EAP-GTC
- EAP-SIM
The Alliance chose these particular EAP types because they “are among the non-proprietary EAP types commonly used by multiple vendors,” according to the group’s frequently asked questions (FAQ) on the subject.
Other popular EAP types exist—in particular, the Cisco-created Lightweight EAP (or LEAP), and the more recent Cisco-backed Flexible Authentication via Secure Tunneling (EAP-FAST). Hanzlik says the program could expand to these EAP types in the future “as it makes sense.” Anything that takes off is a candidate for inclusion.
The new testing builds on the testing the Alliance began for Wi-Fi Protected Access (WPA) in 2003, as well as last year’s upgrade of that to WPA2 (which came after the 802.11i security standard was finalized). WPA is currently required of all vendors.
The testbed used for certifying EAP types will include RADIUS server software and supplicants (client software) from companies like Microsoft, Funk Software, Meetinghouse Software, and Devicescape Software.
The addition of new features means another change to the Wi-Fi Certified seal of approval that appears on packaging. In this case, the certificates will be available for viewing on the Alliance Web site or in the shipping documents of a product.
The certification for EAP types is only for hardware products such as client cards and access points. The Alliance will not be testing 802.1X/RADIUS solutions, whether on the server, locally, or hosted. Certification will also be limited to enterprise-class products—it won’t be needed on consumer products for home networks.
Vendors of Wi-Fi equipment that belong to the Alliance can start to sign up for the queue of EAP testing as of Friday, April 15. The Alliance has published a white paper on deploying WPA2 in the enterprise, which covers use of EAP in 802.1X deployments. It is available for free on the Alliance’s Web site.