i was wondering what possibility for extra security i have beyond dot1x. because of course it is quite save, but once a username and password is known then anyone could use those.
certificates and machine authentication against radius seems some way to make things more secure, but is there anything else to use?
what are the possibilties to add a token (i.e. RAS, safeword, ...) to the mix? is that something Aruba can take care of or something that requires extra client software?