What is 802.1 X? How 802.1 X Authentication Works for Organizations

by

February 11, 2021

What is 802.1 X? The story of 802.1X authentication’s growth is like that of many new security technologies. Network administrators used to treat certain types of new security technology as too complicated for small to medium-sized businesses. These technologies were occasionally discussed but never given much thought.The reasoning was simple: “If we password protect everything, that’s good enough, right?”
But that reasoning was always flimsy. And as technology advances, it requires new and updated security layers to protect infrastructure and resources. Today, individuals and organizations ranging from small businesses to entire countries find themselves under attack threats. There is no rest for the weary when it comes to cybersecurity. Because of these ever-evolving risks, organizations have begun to look at those security technologies once dismissed with renewed interest.

Exactly what is 802.1 X? The term “802.1X” doesn’t mean much to the average individual. You might look at it and just see some random numbers. But it’s worth knowing: this security technology is incredibly beneficial in defending a network’s infrastructure.

What is network authentication security?

Think about the Wi-Fi network you use at home. You need to enter the password to use it, right? That’s a level of security on your network: it ensures that random people can’t just automatically connect to your Wi-Fi and, from there, could do some real damage. This type of protection is called a Pre-Shared Key Network (PKSN).

For organizations that deal with sensitive and valuable information, you need more security. Hackers can potentially capture a PSKN’s password over-the-air. And the more people who know a PSKN’s password, the more dangerous it can be. A disgruntled former employee, a malicious hacker posing as a guest, someone putting the password on a sticky note near their desk — these are all potential issues that come with a PSKN.

What is 802.1 X Authentication?

802.1X is the gold standard of network authentication security.
An 802.1X network has an authentication server. Each user who wants to gain access to the network has their information run through this server first. The server checks the user, and its approval allows the user to use the network.

802.1 X Benefits: How 802.1 x Authentication Works for Organizations

When it comes to how 802.1 x Authentication Works for Organizations, an 802.1 X network doesn’t rely on just one shared password like a PSKN. As an example, if an employee leaves the company, their credentials can be revoked. So, if they try to log in later, they won’t be able to access the network. In a PSKN, the two options would be risking unauthorized entry by not changing the password… or inconveniencing everyone else who uses the network by changing the password.

Another benefit is that users can be assigned levels of access to the network. Not everyone in your network likely needs the same (full) level of access. A junior-level employee probably doesn’t need complete control or access to every piece of sensitive information. And you should always limit the amount of access to as few people as possible. 802.1X makes this easier.

802.1X: Certificate-based authentication vs. credential-based authentication

We mentioned that users on an 802.1X network need to run their information through the authentication server. What information determined access?

There are two primary options for how 802.1 X authentication works: certificate-based and credential-based authentication.

Credential-based authentication

Credential-based authentication relies on user-defined credentials — think a username and password. It puts the responsibility in the user’s hands, and because of that, it’s the insecure option. Hackers can still steal a user’s credentials over the air, and users are still at risk from phishing attacks.

Certificate-based authentication

Certificate-based authentication relies on the server/certificate issuer, which identifies the user or device based on the certificate.

  • The end-user device (such as a desktop or laptop) is provided with a certificate that establishes their identity.
  • The network has an authentication server that interacts with the end-user device.
  • Once identity is verified, the machine can use the network.

This authentication is the more secure option because it does not rely simply on the user’s credentials. It prevents over the air theft of credentials and, depending on the situation, a phishing attack might be ineffective.

How 802.1 X Authentication Works: 802.1 X implementation

The least exciting part about this kind of security is preparing and defining rules for everyone in the organization to follow. To make the most out of how 802.1 X authentication works, and have proper protection for the network, the organization needs to have the following:

  1. Defined, written, and followed IT Security Policies. An assortment of rules and guidelines (or worse, nothing) makes it easier for unauthorized behavior to happen undiscovered.
  2. Control and inventory of all machines deployed for the organization. Technology management is necessary for companies for several reasons but is especially crucial if you’re dealing with certificate-based security for your network.
  3. Designed and defined network infrastructure that will support the use of 802.1X. Your usage of 802.1X can be a pleasure or a pain — professional 802.1X solutions can make your network feel seamless.
  4. Knowledgeable Network Administrator or Managed Services Provider to support the implementation. The only thing worse than implementing something is implementing something and then letting it gather dust. Maintaining a solution like this is critical to making sure it stays functional and works great.
What is 802.1 X? The Bottom Line

What is 802.1 X? Essentially, 802.1X is a secure network authentication security system for your network. Even if you’re a smaller organization, you should consider more robust network security and cybersecurity services if you’re dealing with sensitive data. Technology like 802.1X is not an unreasonable solution to implement. Instead, solutions like this are becoming more important to protect networks at an elevated level. With solutions like 802.1X, companies can feel more secure in the safety of their data.

Interested in learning more about how 802.1 x authentication works and how Integris can help you implement 802.1X for your business? To find out more about 802.1 X technology and other security measures like backup and disaster recovery, firewall management, and RMM software, reach out and start the conversation today.

We do IT differently.

Find out what sets us apart from all the other IT companies out there.

Nick McCourt is a vCISO, CISSP at Integris.

Keep reading

How to Run Governance on Your Security Awareness Training Program

How to Run Governance on Your Security Awareness Training Program

Has your company decided to take the plunge, and start a regular schedule of monthly online security awareness trainings for your employees? Great! You’ve just taken a big step toward hardening your cybersecurity defenses. Now what? Chances are, you’ve purchased a...

What Can Cybersecurity Awareness Training Do for My Company?

What Can Cybersecurity Awareness Training Do for My Company?

Global spending on employee cybersecurity awareness training is predicted to exceed $10 billion USD by 2027, up from around $5.6 billion USD in 2023, according to the latest estimates from Cybersecurity Ventures. Why? Because more companies than ever are realizing...

Third Party Vendor Risk Management: A Guide for Law Firms

Third Party Vendor Risk Management: A Guide for Law Firms

You've bought the cybersecurity tools your MSP recommended to manage your cybersecurity. You use a permission-based platform to transfer client files back and forth. Your firm should be covered for data breaches, especially third-party vendor risk, right? Tell that to...