Windows 7 / Networking

EAP Host Architecture

For easier development of EAP authentication methods for IEEE 802.1X-authenticated wireless connections, Windows Vista and Windows 7 support a new EAP architecture called EAPHost. EAPHost provides the following features that are not supported by the EAP implementation in earlier versions of Windows:

  • Network Discovery EAPHost supports Network Discovery as defined in the "Identity selection hints for Extensible Authentication Protocol (EAP)" Internet draft.
  • RFC 3748 compliance EAPHost will conform to the EAP State Machine and address a number of security vulnerabilities that are specified in RFC 3748. In addition, EAPHost will support additional capabilities such as Expanded EAP Types (including vendorspecific EAP methods).
  • EAP method coexistence EAPHost allows multiple implementations of the same EAP method to coexist simultaneously. For example, the Microsoft version of Protected EAP (PEAP) and the Cisco Systems, Inc. version of PEAP can be installed and selected.
  • Modular supplicant architecture In addition to supporting modular EAP methods, EAPHost also supports a modular supplicant architecture in which new supplicants can be added easily without having to replace the entire EAP implementation.

For EAP method vendors, EAPHost provides support for EAP methods already developed for Windows Server 2003 and Windows XP, as well as an easier method of developing new EAP methods. Certified EAP methods can be distributed with Windows Update. EAPHost also allows better classification of EAP types so that the built-in 802.1X- and PPP-based Windows supplicants can use them.

For supplicant method vendors, EAPHost provides support for modular and pluggable supplicants for new link layers. Because EAPHost is integrated with NAP, new supplicants do not have to be NAP aware. To participate in NAP, new supplicants only need to register a connection identifier and a callback function that informs the supplicant to re-authenticate.

[Previous] [Contents] [Next]

In this tutorial:

  1. Configuring Windows Networking
  2. Usability Improvements
  3. Network And Sharing Center
  4. Network Explorer
  5. How Windows Finds Network Resources
  6. How Windows Publishes Network Resources
  7. How Windows Creates the Network Map
  8. Network Map
  9. Set Up A Connection Or Network Wizard
  10. Manageability Improvements
  11. Network Location Types
  12. Policy-Based QoS
  13. Selecting DSCP Values
  14. Planning Traffic Throttling
  15. Configuring QoS Policies
  16. Configuring System-Wide QoS Settings
  17. Configuring Advanced QoS Settings
  18. Testing QoS
  19. Windows Firewall and IPsec
  20. Windows Connect Now in Windows 7
  21. Core Networking Improvements
  22. Networking BranchCache
  23. How Hosted Cache Works
  24. How Distributed Cache Works
  25. Configuring BranchCache
  26. BranchCache Protocols
  27. File Sharing Using SMB
  28. Web Browsing with HTTP (Including HTTPS)
  29. DNSsec
  30. GreenIT
  31. Efficient Networking
  32. What Causes Latency, How to Measure It, and How to Control It
  33. TCP Receive Window Scaling
  34. Scalable Networking
  35. Improved Reliability
  36. IPv6 Support
  37. 802.1X Network Authentication
  38. Server Message Block (SMB) 2.0
  39. Strong Host Model
  40. Wireless Networking
  41. Improved APIs
  42. Network Awareness
  43. Improved Peer Networking
  44. Services Used by Peer-to-Peer Networking
  45. Managing Peer-to-Peer Networking
  46. Peer-to-Peer Name Resolution
  47. EAP Host Architecture
  48. Layered Service Provider (LSP)
  49. Windows Sockets Direct Path for System Area Networks
  50. How to Configure Wireless Settings
  51. Configuring Wireless Settings Manually
  52. Using Group Policy to Configure Wireless Settings
  53. How to Configure TCP/IP
  54. DHCP
  55. Configuring IP Addresses Manually
  56. Command Line and Scripts
  57. How to Connect to AD DS Domains
  58. How to Connect to a Domain When 802.1X Authentication Is Not Enabled
  59. How to Connect to a Domain When 802.1X Authentication Is Enabled