Back to Customer Stories
Healthcare
1min read
May 25, 2026

Migrating a Medical Device Manufacturer From Legacy NPS to Cloud RADIUS

At a Glance
Industry Healthcare
Use Case NPS replacement, certificate-based 802.1X Wi-Fi, Intune SCEP enrollment
Key Result Deployed certificate-based authentication to 1,400+ devices and eliminated on-premises RADIUS infrastructure
Read the Full Story
Schedule Demo

The Challenge

A medical device manufacturer with over 1,000 employees had outgrown Microsoft Network Policy Server (NPS). The company needed a RADIUS solution that could connect directly to its existing Microsoft stack and solve these issues:

  • The on-premises RADIUS solution lacked native integration with Microsoft Entra ID and Intune, leaving gaps in identity-based access control.
  • Manual configuration kept the IT team tethered to legacy infrastructure while the rest of the organization moved to cloud-based tools.
  • The complexity of managing enrollment policies, certificate templates, trusted root distribution, and Wi-Fi profile assignments for both Windows and macOS created significant overhead for SCEP delivery via Intune.

The company needed to upgrade the legacy system to include network access controls that support compliance as per healthcare regulatory requirements. Replacing shared credentials with identity-backed certificates addressed this.

The Solution

The team evaluated several options and selected SecureW2 based on cloud-native architecture, Microsoft integration depth, and the ability to validate the full enrollment and authentication path during a proof-of-concept (POC) session.

The POC successfully validated the entire stack, leading to a full deployment. JoinNow Cloud RADIUS replaced Microsoft NPS as the primary RADIUS infrastructure, fully cloud-hosted with no on-premises server requirements.

The initial rollout covered Windows devices. The SecureW2 implementation team configured the setup – enrollment policies, certificate templates, and Intune SCEP profiles. The company’s IT administrator then transitioned certificate policies from device-based to user-based enrollment, migrating users seamlessly individually into the new policy structure for tighter identity binding.

The Results

  • Replaced NPS and on-premises RADIUS infrastructure with a cloud-native authentication model
  • Swapped in user-based certificate policies to replace device-based enrollment for stronger identity-backed access control
  • Enrolled 1,400+ Windows devices with certificate-based 802.1X authentication across the managed fleet
  • Initiated a macOS expansion to cover the full 1500+ Apple fleet

The company is building toward a unified authentication model across both operating systems. What started as an NPS replacement has become the foundation for identity-driven network access across the entire organization.

Learn More About SecureW2

Explore SecureW2's trust model, dive into our platform and product details or read more success stories.

Why SecureW2

Establish continuous trust with Dynamic PKI and Cloud RADIUS. Enforce access based on live identity, device posture, and risk context.

  • Passwordless authentication that can’t be phished
  • Works with your IdP, MDM, and security stack
  • Real-time policy engine for dynamic access control
Learn More
Explore the Platform

Get the essentials on the products that power continuous enforcement.

SecureW2 JoinNow Platform
SecureW2 Dynamic PKI
SecureW2 Cloud RADIUS
MultiOS for Self-Service Onboarding
Integration Hub
Knowledge Base Articles

Explore practical guidance from engineers and admins deploying SecureW2.

  • Setup and configuration tutorials
  • Integration best practices with IdPs and MDMs
  • Troubleshooting guides for PKI and RADIUS
Browse Explainers