An IEEE standard for network access control. Used predominantly in Wi-Fi wireless networks, 802.1X keeps the network port disconnected until authentication is completed. Depending on the results, the port is either made available to the user, or the user is denied access to the network. Supplicant - Authenticator - Server The client desiring access to a network is called the "supplicant." The device that provides the network port to the client is the "authenticator." In a wireless network, the authenticator is in the access point (AP). In a dial-up network, the authenticator is in the network access server (NAS). The device that contains usernames and passwords and authorizes the user is the "authentication server." In small networks, the authentication server can be located in the same unit as the authenticator. EAP Over LAN (EAPOL) 802.1X uses the Extensible Authentication Protocol (EAP) for passing authentication messages. EAP comes from the dial-up environment, but "EAP Over LAN" (EAPOL) was created for packet networks such as Ethernet. 802.1X uses EAPOL to start and end the authentication session and pass EAP messages between the supplicant and authenticator and from the supplicant to the authentication server (via the authenticator). EAP messages from the authenticator to the authentication server typically use the RADIUS protocol. See EAP.