Hi Phil, Thanks for your reply.
Sorry, but you're misunderstanding the stats, or reading too much into them.
These are EAP types from EAP *packets*, not sessions. And, as I said, it excludes our *own* users (i.e. it's just visitors) which removed several hundred thousand PEAP packets from the count.
EAP-Identity doesn't count as an auth type; there is one EAP packet for every session, at the start.
If you exclude the Identity packets (type 1) and NAK packets (type 3) you have:
91 0d 4848 15 35801 19
This is 87% PEAP. However, this is still *packets*. It takes no account of sessions, of the client re-auth times, TLS session resumption, and so forth, and is still just for visitors.
You are right Phil, I didn't get that these were counters for packets. My comment was merely on the fact that I am unable to find some related statistics and that people mention online their "feeling" about deployed/used EAP methods but there is no such survey/analysis available.
I'm afraid I don't have time to do more detailed processing. But really, you would want to "unique" any stats by client (Calling-Station-Id) and EAP-type, and measure "EAP type client days" or something.
Fair enough, thanks a lot for the insight, Panos