University of GuelphCase Study
SecureW2 JoinNow provides a fairly straight-forward utility for the onboarding process without requiring additional IT support.
Allowing BYOD devices onto the network brought several inherent risks to the table, including the potential for widespread security vulnerabilities. “We were facing many problems with the manual onboarding process,” said Dennis Xu, University of Guelph Network Analyst, Computing and Communications (CCS), “Some manual configurations rendered devices vulnerable to certain impersonation and authentication attacks.”
Guelph needed to figure out how to make the network as easy to access as possible without compromising over-the-air device security.
Manually Configuring WPA2-Enterprise Poses a Risk
Prior to implementing JoinNow, Guelph did not have an automated onboarding solution and instead relied on manual device configuration. However, they quickly determined this wouldn’t work as IT staff continued to face an influx support tickets from end users misconfiguring their devices.
Xu noticed many problems when onboarding BYODs, especially inconsistencies across devices and operating systems. “We noticed that, for example, Apple iOS devices show the RADIUS server certificate ‘Not Verified’ message even when the server certificate is issued by a trusted Certificate Authority (CA),” Xu said.
Configuring devices effectively is one of the most challenging components of deploying WPA, WPA2, and 802.1X. Since manually configuring a device properly for 802.1X involves a convoluted series of steps that can confuse end users, there is plenty of room to err during setup.
Skipping one step in the process can leave students susceptible to a ‘man-in-the-middle’ (MITM) attack. Just one misconfigured device can leave the entire network vulnerable to over-the-air credential theft. Guelph needed a solution for onboarding misconfiguration, and they needed it fast.
- Windows XP +
- Mac OS X 10.5 +
- Apple iOS 2.0 +
- Andriod 2.1 +
- Kindle Fire
- EAP TLS
- PEAP / MSCHAPv2
- PEAP / GTC
- EAP - TTLS / PAP
- EAP - TTLS / MSCHAPv2
- EAP - SIM
- Internal Web Server
- SecureW2 Cloud
The tool has provided great assistance in this endeavor, SecureW2’s JoinNow provides a fairly straight-forward utility for the onboarding process without requiring additional IT support.
As a result, the calls to our help desk regarding connectivity challenges to secure Wi-Fi are less frequent.
In September 2014, the number of users on secure wireless doubled since the same time the year prior.
Support teams from SecureW2 have been very helpful throughout the deployment and operation processes, The support engineers are very knowledgeable and questions are always handled in a timely fashion.
As the BYOD movement continues to grow, the number of Wi-Fi-enabled devices connecting to WPA2-Enterprise networks has increased exponentially. With JoinNow, device onboarding doesn’t have to be a support and end user nightmare. SecureW2’s automated solution, JoinNow MultiOS, streamlines the user experience to deliver secure wireless with the click of a button. Check out our pricing page to see why SecureW2 is a cost-effective solution.