Device authentication is a solution enabling an organization to manage both users and devices.
The application typically uses either shared known information (e.g., Media Access Control [MAC] or Transmission Control Protocol/Internet Protocol [TCP/IP] addresses) for identification or an organizational authentication solution (e.g., IEEE 802.1X and Extensible Authentication Protocol [EAP], RADIUS server with EAP-Transport Layer Security [TLS] authentication, Kerberos) to identify and authenticate devices on local and/or wide area networks.
Bidirectional authentication provides a means for both connecting parties to mutually authenticate one another, and cryptographic authentication provides a secure means of authenticating without the use of cleartext passwords.
This requirement is intended to address devices that manage or allow wireless devices to connect to the network. This does not apply to an AS.
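
An added example, not part of the original text: a small audit of a wireless client's EAP settings for the bidirectional, cryptographic authentication described above. It assumes wpa_supplicant as the client supplicant with one value per key, uses a constructed configuration, and the function names are hypothetical.

```python
import re
# Constructed sample in wpa_supplicant.conf syntax; SSIDs and paths are made up.
SAMPLE = '''
network={
    ssid="corp-mutual"
    key_mgmt=WPA-EAP
    eap=TLS
    ca_cert="/etc/certs/ca.pem"
    client_cert="/etc/certs/device01.pem"
    private_key="/etc/certs/device01.key"
}
network={
    ssid="corp-one-way"
    key_mgmt=WPA-EAP
    eap=TLS
    client_cert="/etc/certs/device02.pem"
    private_key="/etc/certs/device02.key"
}
network={
    ssid="lab-psk"
    key_mgmt=WPA-PSK
    psk="constructed-passphrase"
}
'''

def parse_networks(text):
    """Return one {key: value} dict per network={...} block."""
    nets = []
    for body in re.findall(r"network=\{(.*?)\}", text, re.S):
        pairs = (l.strip().split("=", 1) for l in body.splitlines() if "=" in l)
        nets.append({k.strip(): v.strip().strip('"') for k, v in pairs})
    return nets

def audit(net):
    """List the reasons a block falls short of bidirectional, cryptographic auth."""
    findings = []
    if net.get("key_mgmt") != "WPA-EAP":
        findings.append("no 802.1X/EAP key management")
    if net.get("eap") != "TLS":
        findings.append("EAP method is not TLS")
    if not (net.get("client_cert") and net.get("private_key")):
        findings.append("device has no certificate credential")
    if not net.get("ca_cert"):  # without a CA, the server certificate is not verified
        findings.append("server certificate is not validated (one-way only)")
    if "psk" in net or "password" in net:
        findings.append("shared secret stored in config")
    return findings

for net in parse_networks(SAMPLE):
    print(net["ssid"], audit(net) or "OK")
```

The second block is the case worth noticing: the device presents a certificate, but with no `ca_cert` it never verifies the authentication server, so the exchange is not bidirectional.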