EAP communication overview

Appendix B - Wireless Technology

EAP Authentication goes a step beyond just encrypting data transfers, but also requires that a set of credentials be validated before the client (panel) is allowed to connect to the rest of the network (FIG. 98). Below is a description of this process. It is important to note that there is no user intervention necessary during this process. It proceeds automatically based on the configuration parameters entered into the panel.

LAN

802.1x

(EAP over Wireless)

Client - Panel	Authenticator	Authentication Server
Client - Panel	Authenticator	(RADIUS Server)
(supplicant)	(Wireless Access Point)

FIG. 98 EAP security method in process

1.The client (panel) establishes a wireless connection with the WAP specified by the SSID.

2.The WAP opens up a tunnel between itself and the RADIUS server configured via the access point. This tunnel means that packets can flow between the panel and the RADIUS server but nowhere else. The network is protected until authentication of the client (panel) is complete and the ID of the client is verified.

3.The WAP (Authenticator) sends an "EAP-Request/Identity" message to the panel as soon as the wireless connection becomes active.

4.The panel then sends a "EAP-Response/Identity" message through the WAP to the RADIUS server providing its identity and specifying which EAP type it wants to use. If the server does not support the EAP type, then it sends a failure message back to the WAP which will then disconnect the panel. As an example, EAP-FAST is only supported by the Cisco server.

5.If the EAP type is supported, the server then sends a message back to the client (panel) indicating what information it needs. This can be as simple as a username (Identity) and password or as complex as multiple CA certificates.

6.The panel then responds with the requested information. If everything matches, and the panel provides the proper credentials, the RADIUS server then sends a success message to the access point instructing it to allow the panel to communicate with other devices on the network. At this point, the WAP completes the process for allowing LAN Access to the panel (possibly a restricted access based on attributes that came back from the RADIUS server).

As an example, the WAP might switch the panel to a particular VLAN or install a set of firewall rules.

196	Modero Touch Panels

NXD-700Vi specifications

The AMX NXD-700Vi is a cutting-edge touchscreen control panel designed to enhance the user experience in various AV environments, including conference rooms, classrooms, and home theaters. Featuring a sleek and modern design, the NXD-700Vi combines advanced technology with an intuitive interface, making it an ideal solution for both commercial and residential applications.

At the heart of the NXD-700Vi is a 7-inch high-resolution LCD touchscreen, which delivers vibrant colors and crisp details, ensuring that users can easily navigate through the various functionalities and options available. The screen is equipped with an anti-glare coating that allows for optimal visibility in different lighting conditions, making it suitable for any setting.

One of the standout features of the NXD-700Vi is its customizable interface. Users can personalize the layout and graphics, tailoring the control panel to meet specific needs or branding requirements. This flexibility not only enhances usability but also provides a unique touch that can resonate with the intended audience.

The NXD-700Vi employs advanced networking capabilities, allowing for seamless integration with a wide array of AV devices and systems. It supports Ethernet connectivity, enabling users to control various devices from anywhere within the network. This flexibility is particularly useful in large installations where managing multiple systems can be cumbersome.

In addition to its networking capabilities, the NXD-700Vi incorporates infrared (IR) control, enabling it to communicate directly with many AV components. This dual-functionality ensures that users can manage their complete AV setup, including projectors, audio systems, and lighting, all from a single interface.

Another notable characteristic of the NXD-700Vi is its robust security features. The panel can be configured to restrict access to certain functions or settings, ensuring that sensitive content or equipment is protected from unauthorized use. This is particularly critical in environments where information security is paramount.

The unit is also designed for easy installation and management. With a built-in web server, users can configure the NXD-700Vi remotely, streamlining setup and maintenance. This feature reduces the need for on-site visits, saving both time and resources.

Overall, the AMX NXD-700Vi stands out as a sophisticated, versatile solution for modern AV control needs. With its intuitive touchscreen, customizable interface, and comprehensive integration capabilities, it is an essential tool for enhancing control and interaction in both commercial and residential environments.

AMX NXD-700Vi manual EAP communication overview, EAP security method in process

Models: NXD-700Vi