Authentication Protocols
As more and more trustworthy information became accessible over the network, the need arose to keep
unauthorized persons from accessing this data. Stealing someone's identity is easy in the computing world,
so special verification methods had to be invented to find out whether the person or computer requesting data
really is who they claim to be. The task of an authentication protocol is to specify the exact series of steps
needed to carry out the authentication. It has to comply with the main protocol principles:
1. A protocol has to involve two or more parties, and everyone involved in the protocol must know the protocol in advance.
2. All the included parties have to follow the protocol.
3. A protocol has to be unambiguous - each step must be defined precisely.
4. A protocol must be complete - it must include a specified action for every possible situation.
Types
1. EAP.
2. PEAP.
3. EAP-FAST.
4. EAP-TLS.
5. EAP-TTLS.
6. IEEE 802.1X.
7. RADIUS Federation.
(EAP) Extensible Authentication Protocol
EAP was originally developed for PPP (Point-to-Point Protocol) but today is widely used in IEEE
802.3, IEEE 802.11 (WiFi) or IEEE 802.16 as a part of the IEEE 802.1X authentication framework. The latest
version is standardized in RFC 5247. The advantage of EAP is that it is only a general authentication
framework for client-server authentication - the specific way of authenticating is defined in its many versions,
called EAP-methods. More than 40 EAP-methods exist; the most common are:
EAP Transport Layer Security (EAP-TLS), defined in RFC 5216, is an IETF open standard that uses
the Transport Layer Security (TLS) protocol, and is well-supported among wireless vendors. EAP-TLS is
the original, standard wireless LAN EAP authentication protocol.
EAP Flexible Authentication via Secure Tunneling (EAP-FAST)
Flexible Authentication via Secure Tunneling (EAP-FAST; RFC 4851) is a protocol proposal by Cisco Systems as
a replacement for LEAP. The protocol was designed to address the weaknesses of LEAP while preserving the
"lightweight" implementation. Use of server certificates is optional in EAP-FAST. EAP-FAST uses a Protected
Access Credential (PAC) to establish a TLS tunnel in which client credentials are verified.
EAP-FAST has three phases:
PEAP (Protected Extensible Authentication Protocol)
PEAP (Protected Extensible Authentication Protocol) is a version of EAP, the authentication protocol used in
wireless networks and Point-to-Point connections. PEAP is designed to provide more secure authentication for
802.11 WLANs (wireless local area networks) that support 802.1X port access control.
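The split described above between the general EAP framework and its EAP-methods is visible on the wire: every EAP packet has the same four-byte header, and a Type byte in Request/Response packets names the method. The parser below is an added example, not part of the original page; the Code and Type numbers are the RFC 3748 / IANA assignments, while the function names and the abbreviated sample exchange are constructed for illustration.

```python
import struct

# EAP Code and Type values as assigned in RFC 3748 and the IANA EAP registry.
EAP_CODES = {1: "Request", 2: "Response", 3: "Success", 4: "Failure"}
EAP_TYPES = {1: "Identity", 3: "Nak", 13: "EAP-TLS", 17: "LEAP",
             21: "EAP-TTLS", 25: "PEAP", 43: "EAP-FAST"}


def parse_eap(packet: bytes) -> dict:
    """Parse the fixed EAP header and, for Request/Response, the Type byte."""
    if len(packet) < 4:
        raise ValueError("truncated EAP header")
    code, identifier, length = struct.unpack("!BBH", packet[:4])
    if code not in EAP_CODES:
        raise ValueError(f"unknown EAP code {code}")
    if length < 4 or length > len(packet):
        raise ValueError("EAP length field does not match packet size")
    result = {"code": EAP_CODES[code], "id": identifier, "method": None, "data": b""}
    if code in (1, 2):  # only Request/Response carry a Type field
        if length < 5:
            raise ValueError("Request/Response without Type byte")
        eap_type = packet[4]
        result["method"] = EAP_TYPES.get(eap_type, f"type-{eap_type}")
        result["data"] = packet[5:length]  # bytes past Length are padding
    elif length != 4:
        raise ValueError("Success/Failure must be exactly 4 bytes")
    return result


def offered_methods(packets):
    """Return the authentication methods seen in server Requests, in order."""
    seen = []
    for raw in packets:
        p = parse_eap(raw)
        if p["code"] == "Request" and p["method"] not in (None, "Identity") \
                and p["method"] not in seen:
            seen.append(p["method"])
    return seen


# Constructed, abbreviated sample exchange (not captured traffic).
SAMPLE = [
    bytes.fromhex("0101000501"),              # Request/Identity
    bytes.fromhex("0201000a01616c696365"),    # Response/Identity "alice"
    bytes.fromhex("010200062b21"),            # Request/EAP-FAST
    bytes.fromhex("02020006030d"),            # Response/Nak, asks for type 13
    bytes.fromhex("010300060d20"),            # Request/EAP-TLS (Start flag)
    bytes.fromhex("03040004"),                # Success
]
```

Running `offered_methods(SAMPLE)` on a capture shows which methods an authentication server proposes, which is a quick way to spot a network that still offers LEAP.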
RADIUS Federation
RADIUS Federation is a federation service where access to the network is gained by using wireless access points (WAPs).
EAP: an authentication framework allowing point-to-point connections.
IEEE 802.1X
802.1X authentication involves three parties: a supplicant, an authenticator, and an authentication server.
The supplicant is a client device (such as a laptop) that wishes to attach to the LAN/WLAN. The term
'supplicant' is also used interchangeably to refer to the software running on the client that provides credentials to
the authenticator.