As the world moves to the cloud, a new generation of network management technology is also making the leap. For example, Meraki’s cloud-based management of WiFi infrastructure has been a huge hit with IT and network admins. While the management infrastructure is jumping to the cloud, can hosted WiFi authentication also work?
WiFi Authentication: What’s the point?
Let’s start with why WiFi authentication is even needed. WiFi has been a massive, positive change for organizations (and consumers at home). WiFi networks have virtually completely replaced wired networks in organizations. The benefits are tremendous for productivity and cost. The challenge with WiFi networks has been security. Many organizations have a common SSID and passphrase for everybody to use. This is often posted on whiteboards or on signs around the office. As the organization grows, it becomes a challenge to lock down the network. With employee turnover and guests, it is difficult to keep access to the WiFi network secure.
Many organizations turned to the RADIUS protocol to help. By implementing FreeRADIUS or another RADIUS server, organizations can uniquely authenticate users to the WiFi network. The challenge with this approach is how many moving parts there are. The wireless access point needs to connect with the FreeRADIUS server which in turn needs to connect to the directory service. Of course you also need to ensure that your end users’ laptops and desktops can talk the right RADIUS protocol. All of this is overhead and hassle which is often why WiFi networks are often viewed as insecure.
Why Hosted WiFi authentication is a better solution
Hosted WiFi authentication solves these challenges with a cloud RADIUS infrastructure. A global network of FreeRADIUS servers is available for you to point at from your WAPs. The virtual RADIUS infrastructure is backed by a cloud directory which ensures that a user’s primary credentials are used to authenticate. With PEAP support there is no hassle for laptops and desktops to securely pass credentials through the WAP to the hosted RADIUS infrastructure. All of this happens on the back end of course. The result is the user can (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Vince Lujan. Read the original post at: https://jumpcloud.com/blog/hosted-wifi-authentication/