Wired Unified Authentication
The Nile Access Service introduces Parallel Authentication, a unified approach to network authentication that simplifies the traditionally complex process of managing multiple authentication methods. This feature streamlines the authentication process for both wired and wireless connections, reducing complexity and improving security.
- Unified Wired and Wireless Authentication: Simplifies network management by using a single authentication framework for both wired and wireless connections.
- Reduced Complexity: Minimizes the number of settings administrators need to configure, making setup and maintenance easier.
- Automatic Handling of Device Quirks: Addresses common issues, such as VoIP phones defaulting to 802.1X, without administrator intervention.
- Enhanced Security: Ensures all devices are properly authenticated before gaining network access.
- Flexible Authentication Options: Supports various authentication methods, including MAC Authentication Bypass (MAB), 802.1X, and Single Sign-On (SSO).
The Nile Access Service's Parallel Authentication process operates as follows:
For wired connections, the system simultaneously attempts MAC Authentication Bypass (MAB) and 802.1X authentication (if a RADIUS server is configured).
- If a specific MAB rule exists for a device, it takes precedence.
- If no specific MAB rule exists, the system uses the RADIUS server's decision.
- Devices without specific MAC rules are placed in a temporary "allow" segment.
- This segment provides a short-lease IP address, enabling the device to perform SSO.
- After a successful SSO, the device moves to the designated "wired SSO" segment.
The Nile Access Service simplifies the configuration process:
- Simplified Settings: Administrators need to configure fewer settings compared to traditional systems.
- RADIUS Integration: Choose between Nile's built-in MAC authentication or integrate with your existing RADIUS server for MAC authentication.
- Automatic Precedence Handling: The system automatically manages authentication precedence, eliminating the need for complex rule sets.
Many VoIP phones default to using 802.1X, which can cause issues in networks not configured for it. The Nile Access Service's Parallel Authentication automatically handles this scenario:
- The phone attempts 802.1X authentication.
- Simultaneously, the system checks for a MAB rule for the phone.
- If a MAB rule exists, it takes precedence, allowing the phone to connect without 802.1X credentials.
This process happens automatically, requiring no special configuration from the administrator.
The Nile Access Service's Parallel Authentication feature significantly simplifies network authentication management. By unifying wired and wireless authentication, automatically handling device quirks, and providing flexible authentication options, it reduces the complexity of network management while enhancing security.
For more information on configuring and optimizing Parallel Authentication for your network, please refer to the Nile Customer Portal or contact your Nile support representative.
