In Blog, Security

Cloud 802.1x Security

IT admins have long been interested in the 802.1x protocol. Tools that can boost security have a way of gaining the attention of IT admins. Originally designed for wired port security on switches, the 802.1x protocol has now been adapted for use in WiFi networks as well. Taking it a step further, the concept of a cloud 802.1x solution has begun to intrigue IT admins.

What is Cloud 802.1x?

VLAN Assignment VLAN TaggingIn case you’re a bit confused by the terminology, said another way, a cloud hosted 802.1x implementation could also be called VLAN assignment or VLAN tagging from an end value perspective. When you look back at the history of 802.1x, it becomes apparent that its implementation was difficult to set up on wired networks.

The reason for this difficulty stems from the fact that traditionally, an 802.1x network required supplicants on endpoints. These endpoints were then coupled with a FreeRADIUS server which would be used to pass along authentications to an identity provider (IdP), usually Microsoft® Active Directory® (MAD or AD), or sometimes OpenLDAP™. With all of these moving parts, proper implementation presented quite the challenge to IT admins. So, while implementing 802.1x would no doubt increase the security of a given network, the level of difficulty to get it all to work remained pretty high. As a result, 802.1x wasn’t nearly adopted at the rate it should have been.

Fast Forward to WiFi

As networks shifted to WiFi and IT management infrastructure picked up and moved to the cloud, an opportunity emerged to make it much easier to deliver better network security. These innovations made it possible for IT administrators replicate just about everything to do with 802.1x implementations up into the cloud. No more on-prem RADIUS servers, IdPs like Active Directory to constantly maintain, or making sure each endpoint had the correct supplicant.

How Does 802.1x in the Cloud Work?

VLAN reply attributesA cloud 802.1x solution would include, out of the box, a RADIUS server with the ability to provide VLAN reply attributes as well as including an on-board identity provider. So, IT admins wouldn’t be forced to spend a lot of time just trying to get these two components to talk. The outcome from this setup would enable IT admins to simply point their WiFi access point to the cloud RADIUS server and assign users to the proper VLANs, thereby eliminating a great deal of work and effort.

Thankfully, the example listed above isn’t just a theoretical pipe dream. A solution called JumpCloud® Directory-as-a-Service® is enabling IT admins with the ability to perform this cloud 802.1x function easily and effectively. Plus, this isn’t all it can do. While 802.1x can rightfully be called a networking security function, JumpCloud includes this feature as a part of its entire identity and access management platform, which provides users the ability to log in to any of their IT resources with a single set of credentials. That means users can log in to systems, applications, files, and of course networks, all with a single, secure set of credentials.

Learn More About JumpCloud

RADIUS and WiFi Authentication

Ready to boost your network security with cloud 802.1x? Sign up today for a free JumpCloud account and see how our cloud-based directory services can enable you to let go of cumbersome on-prem implementations in favor or a clean, web-based console. If you’d like to see the product in action, go ahead and schedule a demo or visit our YouTube page for tutorials and informative whiteboard videos.

Recent Posts