Most organizations have moved to wireless networks from the old traditional wired networks.
Wireless is easier to manage, more cost-effective, and more agile.
Users love WiFi. They can work wherever they want in the building or space, there are no cords, and they can always stay connected. But for IT admins, the benefits of implementing WiFi do come with some drawbacks – namely in how to manage WiFi users.
WiFi and Security
WiFi doesn’t have a reputation for being the most secure IT platform. Wireless access points have traditionally been secured through an encrypted connection – either WEP or WPA. Access to the network is controlled through an SSID and passphrase.
Anybody that has the SSID and passphrase is able to connect to the network. In larger offices, common credentials can spread quickly. As users come and go, if the credentials aren’t updated then the network is at risk. Terminated employees and former contractors will still have access.
For tiny organizations this is generally fine. Updates to the passphrase can be easily communicated. But that’s not the case for larger WiFi environments. So what can organizations do?
It Starts with Unique User Identities
The two major approaches to managing WiFi users both share a common theme: dramatically increasing the security of the WiFi platform comes from requiring users to connect to the network uniquely.
With unique user credentials, there isn’t a common password that enables access. Each user must have their own username and password. Users can be added and terminated independently from others ensuring that only the users you intend are the ones that can access the network.
LDAP & RADIUS – The Two Approaches to Manage WiFi User
You can manage WiFi users by connecting the wireless network either directly to LDAP or to other directory services via RADIUS.
In both cases, a user’s general credentials are utilized as the entry point. But the processes diverge when it comes to how they connect to theWiFi network.