Receive new posts as email.
RSS 0.91 | RSS 2.0
RDF | Atom
Podcast only feed (RSS 2.0 format)
Get an RSS reader
Get a Podcast receiver
| Sun | Mon | Tues | Wed | Thurs | Fri | Sat |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | 31 |
This site operates as an independent editorial operation. Advertising, sponsorships, and other non-editorial materials represent the opinions and messages of their respective origins, and not of the site operator or JiWire, Inc.
Entire site and all contents except otherwise noted © Copyright 2001-2006 by Glenn Fleishman. Some images ©2006 Jupiterimages Corporation. All rights reserved. Please contact us for reprint rights. Linking is, of course, free and encouraged.
Powered by
Movable Type
« Wee-Fi: Zen X-Fi, Apple iPod/iPhone Remote, Bullet Train-Fi, St. Louis-Fi | Main | Wee-Fi: Germans Can Leave Networks Open; Belkin Announces Wireless High-Def »
Apple adds secure enterprise logins for iPhone: The iPhone 2.0 software, available through a download link for existing 2G iPhones today, adds promised support for the 802.1X port-based authentication required in any company that’s even remotely serious about its network security. 802.1X isolates connecting to an access point from gaining access to the network to which the access point is connected. A special client, known as a supplicant, must provide the right credentials for a device to be approved for access. Cryptography binds the process. (Instructions for manually installing the software are over at Wired. The update will likely be pushed out via iTunes to current owners tomorrow, and is included on the iPhone 3G, which goes on sale starting today over the international dateline and tomorrow in the U.S., Europe, and elsewhere.)
Apple splits its 802.1X support into two pieces. There’s basic support built into the iPhone 2.0 software, found in the Settings application’s Wi-Fi section. Click Other. Click the None label next to Security, and the WPA Enterprise and WPA2Enterprise options appear. Select either, and the main login screen lets you enter the network’s name (SSID), a user name, and a password. This basic method is limited to WPA Enterprise and WPA2 Enterprise, the two most common (and most secure) forms of 802.1X.
Most enterprises will want much more control over this process, and Apple provides the iPhone Configuration Utility, currently available in its most complete form only as a Mac OS X application, and in more limited forms as Web 2.0 applications for Windows and Mac OS X.
The utility serves two purposes: creating configuration profiles, including for multiple Wi-Fi networks and VPN connections; and allowing iPhones in an enterprise to run internally developed iPhone software. The Wi-Fi profiles allow you to create WEP or WPA/WPA2 802.1X configurations, and include support for choosing allowed EAP messaging types, configuring authentication elements associated with a given EAP type, and adding server certificates and names for better authentication control.
Once created, these profiles can be distributed throughout a company via email or as a direct download to the iPhone via an intranet Web server. Apple chose not to encrypt them, which means that certain information that’s not secured—such as the shared secret for certain VPN connections—could be disclosed to someone who had access to the profile or could download it off the local network.
Posted by Glennf at July 10, 2008 3:51 PM
Thanks so much for this article. I thought I was losing my mind when I couldn't find the 802.1x settings on my iPhone. I am set up and running on the University wireless now :-)
Posted by: Frank at July 14, 2008 8:39 AM