migilles Thu, 07/31/2008 - 15:31
User Badges:
  • Cisco Employee,

Yes is based on customer requirements. If going the 802.1x route, would suggest EAP-FAST, PEAP or EAP-TLS. Can then use WPA or WPA2 depending on the level of security and encryption required. However, when using 802.1x, we recommend to implement CCKM (fast roaming), which is supported only with WPA(TKIP). Some customers rather go with the standards (i.e. PEAP vs EAP-FAST). In the future the 7921, will be able to do server validation as well by installing the authentication server certificate. For EAP-TLS, this requires higher management due to having to issue client certificates.


This Discussion