Wired Unified Authentication

10 min

overview the nile access service introduces parallel authentication, a unified approach to network authentication that simplifies the traditionally complex process of managing multiple authentication methods this feature streamlines the authentication process for both wired and wireless connections, reducing complexity and improving security key benefits unified wired and wireless authentication simplifies network management by using a single authentication framework for both wired and wireless connections reduced complexity minimizes the number of settings administrators need to configure, making setup and maintenance easier automatic handling of device quirks addresses common issues, such as voip phones defaulting to 802 1x, without administrator intervention enhanced security ensures all devices are properly authenticated before gaining network access flexible authentication options supports various authentication methods, including mac authentication bypass (mab), 802 1x, and single sign on (sso) how it works the nile access service's parallel authentication process operates as follows simultaneous authentication attempts for wired connections, the system simultaneously attempts mac authentication bypass (mab) and 802 1x authentication (if a radius server is configured) intelligent decision making if a specific mab rule exists for a device, it takes precedence if no specific mab rule exists, the system uses the radius server's decision wired sso integration devices without specific mac rules are placed in a temporary "allow" segment this segment provides a short lease ip address, enabling the device to perform sso after a successful sso, the device moves to the designated "wired sso" segment flowchart of the parallel authentication process configuration and management the nile access service simplifies the configuration process simplified settings administrators need to configure fewer settings compared to traditional systems radius integration choose between nile's built in mac authentication or integrate with your existing radius server for mac authentication automatic precedence handling the system automatically manages authentication precedence, eliminating the need for complex rule sets use cases voip phone authentication many voip phones default to using 802 1x, which can cause issues in networks not configured for it the nile access service's parallel authentication automatically handles this scenario the phone attempts 802 1x authentication simultaneously, the system checks for a mab rule for the phone if a mab rule exists, it takes precedence, allowing the phone to connect without 802 1x credentials this process happens automatically, requiring no special configuration from the administrator authentication source a wired device connects to using either 802 1x or mac auth or sso nile can display the stage the device is in when connected following are the states sso session expired when using wired sso, this status indicates when a devices is connected to the network but the session has expired sso initiated this status indicates that a sso session has been intiated but no response has been received from the idp admin enforced sso re authentication if an admin enforced sso for a user this status will be displaued sso user deactivated sso pending sso denied sso approved 802 1x approved or denied conclusion the nile access service's parallel authentication feature significantly simplifies network authentication management by unifying wired and wireless authentication, automatically handling device quirks, and providing flexible authentication options, it reduces the complexity of network management while enhancing security for more information on configuring and optimizing parallel authentication for your network, please refer to the nile customer portal or contact your nile support representative