Cisco Blogs

Network Authentication

- June 1, 2009 - 1 Comment

Interop Las Vegas 2009 is now in the rearview mirror. I came back with a lot of discussions still echoing in my ears. The gathering was smaller than last year but still a good turn out. Cisco conducted a poll among conference attendees. More than 70% of them picked security as an area of interests, higher than any other areas. And network authentication was a hot topic.So what is network authentication all about? On a very basic level, it is about understanding who is coming to the network. There are a number of ways to implement network authentication. 802.1X is one of them (see my blog on Identity based networking services). NAC (network access control) is another. In fact, most NAC solutions on the market support 802.1X as a deployment option. So why is it that not everyone is doing network authentication today? No merit? Inconvenience for end users? Too costly?I remember that long ago (think Windows 3.1 or Macintosh) PCs didn’t need any personal passwords. I recall a few complaints “why should I type a password every time?” when new OSs came along. The protection quickly proved its worthiness and no one is complaining anymore.I also remember the transition from telnet to ssh. A software developer told me “This is not going to work.” “Why not?” I asked. “We use telnet everyday and everywhere, and ssh is available only on a few devices.” His words were heard. Today, ssh is supported everywhere. No more good ole telnet.It takes much more to do network authentication than a PC password or a protocol like ssh. Yet the evolution is similar. The new effort needs to have clear benefits. It should not slow down your business. And it should be reasonable to implement. “Take a look at 802.1X again”. “We’re deploying NAC now”. “We’re starting with a few simple things”. These were the discussions that I heard at Interop. They made me think that network authentication is going to take hold, especially when it brings a ton of benefits without a hit on user productivity.How long do you think it will take to see network authentication everywhere?

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.


  1. I think not longer it will take to see network authentication everywhere!