Documentation
Integration with Identity Providers for RADIUS Authentication
JoinNow Cloud RADIUS is the industry’s only RADIUS Server that performs enhanced certificate-based authentication and runtime-level policy enforcement. This means that at the moment of authentication, it can validate a user/device/group’s status securely inside your Cloud Identity Provider. This empowers organizations to offer granular zero-trust policies that can be enforced in real-time. To learn more, read the documentation we have created on our cloudradius.com website.
Integration with Identity Providers for Certificate Issuance
SecureW2 acts as an authority to verify user identities and issue X.509 certificates. It integrates with the SAML provider’s user database and uses a Public Key Infrastructure (PKI) to authenticate user data that is contained in the SAML application. This ensures that users connect to the authentic SAML provider, and vice versa. When a user enters their credentials in the SAML application, the identity provider (IDP) verifies the user’s identity and returns attributes for the user. These attributes serve as network rules that determine the user’s access rights, which network segments/resources they can use, and more. SecureW2 encodes these attributes on the certificate it issues, and then installs the certificate on the user’s device. This is helpful for authenticating access to Wi-Fi, VPNs, Web Apps, and Email.
- Generic Guide for Using SAML-Based Certificate Enrollment for WPA2-Enterprise
- How To Configure WPA2-Enterprise With Microsoft Azure AD
- How To Configure WPA2-Enterprise With Okta
- How To Configure WPA2-Enterprise With Google Workspace
- How to Configure WPA2-Enterprise with PingIdentity
- How to Configure WPA2-Enterprise with ADFS
- How to Configure WPA2-Enterprise With Shibboleth
MDM/EMM Integrations for Certificate Lifecycle Automation
The onboarding process for MDMs has always been a struggle, primarily due to the necessity of manually connecting each device to the network. The SecureW2 MDM solutions utilize a SCEP Gateway to enroll MDMs for network access and automatically push out certificates. This solution integrates with MDMs from all major vendors and, once configured, distribute certificates without end-user interaction.
Setting up RADIUS on Wireless Controller/Access Points
In order to control who has access to a secure network, users that attempt to connect need to be efficiently and accurately identified as an approved or unapproved user. A RADIUS server is instrumental in this process. The RADIUS will first authenticate that the user is connecting through the correct authentication protocol, such as EAP-TLS. Once that is confirmed, the RADIUS analyzes the certificate to identify the user and determine whether they are allowed to be on the network. If they are, they are authorized and directed to the secure SSID for protected network use.
- Integrating CloudRADIUS with an Ubiquiti Unifi Access Point
- Integrating CloudRADIUS with an Aerohive Access Point
- Integrating CloudRADIUS with Aruba Access Points
- Integrating CloudRADIUS with Cisco Wireless LAN Controllers
- Integrating CloudRADIUS with an Meraki Access Point
- Integrating CloudRADIUS with an Extreme Access Point
Setting up Onboarding SSIDs on Wireless Controllers/Access Points
An onboarding SSID is a SSID that the end users can navigate to and they can easily onboard their devices for secure network access. It is an open SSID with a Walled Garden/ACL so that the end users can only access onboarding-related resources, such as SecureW2, the Google Play Store, your Identity Store, and so on. After their devices are onboarded, they are migrated to the secure SSID for a secure and encrypted network access.
- How to Set Up EAP-TLS Authenticated Wi-Fi Network with Aerohive
- How to Set Up EAP-TLS with Aruba Instant Access Points
- Setting Up EAP-TLS WPA2-Enterprise with Cisco Wireless LAN Controller
- How to Set Up EAP-TLS WPA2-Enterprise With Meraki
- Configuring WPA2-Enterprise With Cambium Networks
- How to Setup EAP-TLS WPA2-Enterprise with Extreme Networks