O'Reilly logo

Cisco Wireless LAN Security by Andrew Balinsky, Darrin Miller, Krishna Sankar, Sri Sundaralingam

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

SWAN Fast Secure Roaming (CCKM)

When you deploy EAP/802.1x as the security mechanism, you need to address performance aspects when a user roams from an AP to another AP (whether Layer 2 or Layer 3 roam). As discussed in previous chapters, during an 802.11 reassociation process, you must reauthenticate the WLAN user to avoid man-in-the-middle (MitM) attacks. A full EAP/802.1x authentication is likely to increase the roaming delay between the APs. In the case of a remote branch office, if the RADIUS authentication is to take place over a WAN link (such as a RADIUS infrastructure located at the headquarters [HQ]), this will further increase the roaming delay.

The roaming delay during EAP/802.1x reassociation might impact some applications, such ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required