Abstract: Example approaches for authenticating a device are described. In an example, a category, from a plurality of categories, is identified for a device, based on data packets exchanged between the device and a network element. The category is indicative of operational capabilities of the device. Based on the category identified for the device, an authentication order for the device is determined. The authentication order is indicative of a sequence in which a set of authentication tests is to be executed for authentication of the device.

Abstract: Example approaches for authenticating a device are described, In an example, a category, from a plurality of categories, is identified for a device, based on data packets exchanged between the device and a network element. The category is indicative of operational capabilities of the device. Based on the category identified for the device, an authentication order for the device is determined. The authentication order is indicative of a sequence in which a set of authentication tests is to be executed for authentication of the device.

Abstract: A system and method authenticating a client device transmitting a request to access a network that includes an authentication server to implement an authentication protocol for access to the network, and an authenticator to transmit identity credentials of the client device using the authentication protocol to the authentication server to perform authentication of the client device at the authentication server. The authenticator downloads credentials of the authenticated client device from the authentication server, determines, during a re-authentication period, whether the authentication server is available, and performs re-authentication of the client device using the downloaded credentials when the authentication server is determined not to be available.

Abstract: Examples disclosed herein relate to providing a failover in a MACsec capable device. In an example, a determination may be made on a Media Access Control (MAC) Security (MACsec) capable device, whether a primary management engine that manages a protocol related to MACsec standard on the MACsec capable device has failed. In response to a determination that the primary management engine has failed, a secondary management engine in the MACsec capable device may create a Connectivity Association (CA) between the MACsec capable device and a peer MACsec capable device by performing an IEEE 802.1X re-authentication with the peer MACsec capable device within MACsec Key Agreement (MKA) lifetime. The MKA lifetime may refer to a period during which no MACsec Key Agreement Protocol Data Unit (MKPDU) is received by the peer MACsec capable device from the MACsec capable device.

Abstract: A system and device for determining authenticity of a client device transmitting a request to access a network that includes an authenticator to adjust authentication parameters for authentication requests to access a network from a client device, and access switches positioned within the authentication, each of the plurality of switches having an associated port for receiving the authentication requests. The authenticator monitors authentication requests received from the client device, determines whether a number of the monitored authentication requests that are failed authentication requests, and determines mobility of the client device during the monitored authentication requests. Authenticity of the client device is determined based on one of the determined number of failed authentication requests and the determined mobility of the client device.

Abstract: Examples disclosed herein relate to providing a failover in a MACsec capable device. In an example, a primary management engine that runs a protocol of MACsec standard in a MACsec capable device may determine whether a parameter related to a protocol of MACsec standard on the MACsec capable device has changed. In response to the determination that the parameter has changed, primary management engine may synchronize data related to the parameter to a secondary management engine, which acts as a failover component for the primary management engine. In response to a determination that the primary management engine has failed, secondary management engine may recreate the latest state of the protocol of MACsec standard in the MACsec capable device prior to the failure of the primary management engine, based on the data related to the parameter.