Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

He-Said/He-Said: Open Source 802.1X

Over in NWC News Analysis, we covered the formation of a new group to build an open source 802.1X supplicant. The group, called the OpenSEA Alliance, is working to develop an open-source 801.X supplicant (a client implementation) to ensure a standards-based implementation and speed industry adoption, they said.
Our editors have varying opinions on the move:
Said Andrew Conry-Murray, NWC products editor:

Does the world need another 802.1X supplicant? Certainly not a commercial one. Most IT organizations turn to 802.1X to help authenticate Windows-based clients accessing wired or wireless networks, and they've already got three to choose from--a Windows supplicant built into the OS, and third-party supplicants available from Juniper Networks and Cisco Systems.

But an open-source supplicant with strong community support is another issue. For one, a vigorous developer community can address areas that commercial supplicants ignore, like printers and other network-attachable devices, or broader OS support. For another, a robust open-source alternative will motivate commercial vendors to keep improving their own products in the same way Mozilla lit a fire under Microsoft to bring IE into the 21st century.

It's tempting to view the OpenSEA alliance as a bid to thwart Cisco/Microsoft hegemony in the NAC arena, but that's not the case. The Xsupplicant, the open-source supplicant around which OpenSEA is forming, supports several Cisco and Microsoft EAP types, and will have to continue to play nicely with these vendors to be widely adopted. OpenSEA will be successful if it is pro-IT rather than antivendor.

Added Greg Shipley, our security contributing editor:

  • 1