|
|
 |
| X-Calibur |
| 802.1X Port Security |
|
X-Calibur
is an embedded and highly interoperable
implementation of the IEEE 802.1X protocol which provides
secure and flexible authentication in wired and wireless
switches. It adds access authentication services to a
supplicant or an authenticator in any scenario where one
can abstract out the notion of a “network access port”,
such as authenticated Ethernet networks and wireless (WLAN)
networks. It includes both an authenticator and
supplication Port Access Entity (PAE) and is validated for
standalone use and for use with Wired Equivalence Privacy
(WEP) and Wireless Protected Access (WPA) mechanisms in
WiFi® networks. X-Calibur's small footprint and extensive
support for various authentication mechanisms are ideally
suited for use in enterprise and infrastructure oriented
wired and wireless switches, gateways and access points.
|
|
|
|
|
|
|
|
|
|
|
|
X-Calibur is a standards-based, small-footprint implementation of
the Port-based Network Access Control (IEEE 802.1X PNAC)
protocol for embedded devices . It implements the role of a
client seeking access to a network ("Supplicant") or
that of a gatekeeper to the network ("Authenticator")
and enables communications to any standard
Authentication Server in multi-platform networks.
X-Calibur’s is provided as a very flexible and
customizable component which implements an 802.1X
framework based on the IETF Extensible Authentication
Protocol over LAN (EAPoL) messages. X-Calibur allows the
use of a number of EAPoL based authentication protocols
such as passwords, EAP-TLS (EAP over Transport Layer
Security), EAP-TTLS (EAP over Tunneled TLS), EAP-Kerberos,
PEAP (Protected EAP), one-time passwords, etc.
X-Calibur can be used to provide authentication in a
standalone fashion in both wired and wireless networks,
and as an 802.11 (WiFi) protocol companion, can also be
used to provide dynamic key sharing with WEP and as a
part of the enterprise/infrastructure mode of WPA (and
the soon-to-be ratified IEEE 802.11i standard). X-Calibur
can also provide similar authentication services in non-Wi-Fi
contexts such as WiMAX and Ethernet devices. |
|
 |
Features |
 |
 |
 |
|
 |
Supplicant and Authenticator PAE. |
|
|
Implements IEEE 802.1X PNAC. |
|
|
Provides APIs for any EAP implementation. |
|
|
Works with wired (Ethernet) and wireless (WLAN/802.11)
networks. |
|
|
802.1X MIB Support. |
|
|
Support for CPU types of either endian-ness
including PowerPC, MIPS, X86, ARM/XScale. |
|
|
Royalty-free, full-source distribution. |
|
|
 |
 |
 |
 |
|
|
|
|
 |
|
|
X-Calibur includes management capabilities
to maintain and retrieve Authenticator statistics through a MIB
interface, and to override the protocol by statically
configuring the access control of an authenticator port. It also
includes reference implementations for custom EAPoLs to hook up
into the X-Calibur framework.
X-Calibur’s robustness and lean implementation, and highly
configurable design make it an ideal fit for resource-limited
embedded environments. |
|
|
|
 |
|
|
|
X-Calibur has been
extensively validated on a variety of CPU architectures, which
minimizes development and integration efforts. X-Calibur supports memory
partitions and native OS services. It enables secure authentication for
network access applications with the fewest changes required for
integration. |
|
|
|
VxWorks Edition Features |
|
|
Provides a flexible
framework-style implementation to make it easy to plug
in new authentication modules for EAP |
|
|
Can be combined with
TeamF1's AuthAgent RADIUS for RADIUS client extensions
support |
|
|
Includes password
based EAP (EAP-MD5), EAP-TLS, EAP-TTLS and PEAP
reference implementations. |
|
|
Enhanced memory management and partition support |
|
|
Flexible hooks to
configure operational parameters of supplicant &
authenticator |
|
|
Requires no special OS or networking source |
|
|
|
|
|
|
