By Vince Lujan Posted July 27, 2017
It feels like every day brings new innovations in cloud based infrastructure. WiFi authentication is no exception. This blog post discusses the implications of cloud WiFi authentication and how Directory-as-a-Service® from JumpCloud can help secure your wireless network infrastructure.
Secure Authentication through RADIUS
Restricting network access is not a new idea. Network administrators recognized the necessity for security long before WiFi was even a thing. Back when everything was on-prem, it was a lot easier to restrict network access because users had to be hardwired into the network. Still, anyone with a network cable could conceivably gain access. Thus, the RADIUS protocol was born.
RADIUS is a simple protocol that exists primarily to authenticate and authorize users attempting to access a network. Yet it quickly became an industry standard, forming the symbiotic relationship between network innovation and security that has continued to evolve with the development of WiFi.
However, WiFi brought about it’s own set of challenges, many due in part to the fact that attackers no longer needed to be hardwired to access the network. Instead, anyone in range with an antenna posed a potential threat. As security systems became more sophisticated, so too did the attacks from the bad guys. The result of which was the beginning of a networking arms race that many organizations still struggle with today.
From Wired to WiFi
WiFi access is a core essential for just about any modern organization. Most mobile devices don’t even support a wired connection anymore, so it’s no surprise that WiFi has become a staple resource. Not to mention, most customers and employees have come to expect it for all of their devices. Yet, while WiFi is certainly critical in the modern office, it can be difficult to manage who has access. This is especially relevant when you consider former employees or visitors that often retain access until the SSID and passphrase have been changed. While most people don’t necessarily pose a threat to your organization, it opens the door to potentially devastating attacks. This revelation is why many organizations are looking for a proactive approach to network security.
Meraki’s WiFi management is a great example. Even though you have on-prem wireless access points – the management is in the cloud. Directory-as-a-Service takes it one step further by authenticating access to WiFi networks through the cloud. Our platform extends your WiFi security paradigm to uniquely authenticate each user to your network and tightly integrate with WAPs provided by companies such as Meraki, Aruba, Mist, and others – all without anything on-prem.
Here’s how it works: you connect your WAPs via RADIUS to a cloud RADIUS server. The RADIUS server then integrates with an on-board directory service. You simply add your users and grant them access to whatever WiFi networks you want. The end user doesn’t need to install anything – they just login with their username and password which can be the same as their G Suite or Office 365 credentials.
Secure WiFi Authentication with the Cloud
Directory-as-a-Service offers frictionless access for the end user’s experience but is also a big step up in IT security as there is no longer a need for shared SSIDs and passphrases. Each user logs in with their unique credentials. All of the infrastructure to do this is in the cloud – nothing on-prem except your WAPs.
This is just one benefit of a cloud based infrastructure. To discover more ways that Directory-as-a-Service can help your organization, sign up today and you and ten users can try it for free.