Layer 2 Enforcement

Layer 2 enforcement means controlling network access at the point where the user attaches to the network. In a wired network, this control is at the switch port; in a wireless network the control is at the wireless access point. The network access control is accomplished through 802.1X authentication protocol (implemented on the switch or wireless AP) in conjunction with RADIUS return attributes to control switch or AP operation such as VLAN assignment and filtering.

Using the 802.1X standard we can create a strong network perimeter defense through strong admission controls that do not allow users onto the network unless they are compliant with specified policy.