IEEE802.1X

The IEEE 802.1X protocol is the standard for user and device authentication. Although it is very popular in IT infrastructure, common implementations often end up simply blocking unauthorized access. The METEL solution goes further and offers a complete ecosystem for critical infrastructure that works reliably even in extreme conditions.

802.1X system architecture

For authentication to work properly, the standard defines three key roles:

  • Supplicant: The end device (IP camera, sensor or service PC) that requires access to the network and must prove its identity.

  • Authenticator: The element that mediates communication between the requester and the server. This role is fulfilled by any managed LAN-RING switch (with FW 62 or higher).

  • Authentication Server (RADIUS): The "brain" of the system that makes the decision to allow or deny access. For maximum security, we recommend deploying two redundant servers, at least one of which should be located locally.

Locating at least one RADIUS server directly on the protected premises ensures autonomy and high system availability even in the event of a connectivity failure to the central office or the cloud. In addition, a local server minimises authentication latency and, in combination with physical security (e.g. in a rack with a tamper), significantly increases the network's resilience against cyber and physical attacks.

Why choose LAN-RING & IPLOG?

We enable integrators to build a fully independent and secure network infrastructure without having to rely on third-party IT elements.

Industrial RADIUS server in IPLOG units

We have developed a dedicated "free radius-server" software package for IPLOG-GAMA controllers. Unlike conventional office servers, IPLOG units offer:

  • Extreme temperature range: reliable operation from -40 °C to +70 °C.

  • High durability: can be deployed directly in the field, in outdoor cabinets or industrial halls.

  • Independence.

Full Authenticator/Supplicant support

LAN-RING series switches (F and G versions) fully support the IEEE 802.1X standard. This gives you control over every port and ensures that no foreign device connects to your network without going through a rigorous authentication process.