Firmware Pages and Descriptions
120
10" Modero Touch Panels
EAP Security’s Using Server Certificates - Overview
The following EAP types all support a server certificate:
EAP-PEAP
EAP-TTLS
EAP-TLS
All three of these certificate-using security methods are documented in the following sections. EAP
Authentication goes a step beyond just encrypting data transfers, but also requires that a set of credentials be
validated before the client (panel) is allowed to connect to the rest of the network (FIG. 110). Below is a
description of this process. It is important to note that there is no user intervention necessary during this
process. It proceeds automatically based on the configuration parameters entered into the panel.
A server certificate file uses a certificate that is installed in a panel so that the RADIUS server can be validated
before the panel tries to connect to it. The field name associated with this file is
Certificate Authority
.
If a server certificate is used, it should first be downloaded into the panel and the
Certificate Authority
field
should then be set to the name of that certificate file. No file path should be used for this setting as all
certificates are stored in a specific directory that the user cannot control or change. The most secure connection
method uses a server certificate.
If no server certificate will be used then, this field should be left blank. If the field contains a file name, then a
valid certificate file with the same file name must be previously installed on the panel. Otherwise the
authentication process will fail.
Wireless Settings Page - Security Options - EAP-PEAP
EAP
(Extensible Authentication Protocol) is a Enterprise authentication protocol that can be used in both a
wired and wireless network environment. EAP requires the use of an 802.1x Authentication Server, also
known as a Radius server. Most of the configuration fields described below take variable length strings as
inputs. Whenever these fields are selected, an on-screen keyboard appears which allows the string to then be
entered.
PEAP
(Protected Extensible Authentication Protocol) was developed by both Cisco
©
Systems and Microsoft
®
as a way to securely transmit authentication information, such as passwords, over a wireless network
environment. PEAP uses only server-side public key certificates and therefore does not need a client (panel)
certificate which makes the configuration and setup easier.
There are two main versions of the PEAP protocol supported by panel’s Devicescape Wireless Client are:
PEAPv0
(developed with Microsoft)
PEAPv1
(developed exclusively by Cisco)
PEAP uses an inner authentication mechanism which is supported by the Devicescape Wireless
Client, the most common of which are:
MSCHAPv2
with PEAPv0 and
GTC
with PEAPv1
FIG. 110
EAP security method in process
LAN
Client - Panel
(supplicant)
802.1x
(EAP over Wireless)
Authenticator
(Wireless Access Point)
Authentication Server
(RADIUS Server)
Summary of Contents for modero NXD-CV10
Page 1: ...Operation Reference Guide Touch Panels NXT D CV10 10 Modero Touch Panel Last Revised 7 2 2012 ...
Page 44: ...CV10 Touch Panel Accessories 32 10 Modero Touch Panels ...
Page 58: ...Installation 46 10 Modero Touch Panels ...
Page 88: ...Configuring Communication 76 10 Modero Touch Panels ...
Page 98: ...Upgrading Modero Firmware 86 10 Modero Touch Panels ...
Page 192: ...Appendix A 180 10 Modero Touch Panels ...
Page 206: ...Troubleshooting 194 10 Modero Touch Panels ...