By Greg Keller Posted June 11, 2015
Cisco’s Meraki wireless access point platform is one of the most widely used WiFi platforms. Organizations both small and large deploy the Cisco Meraki wireless platform because of its enterprise class capabilities. Many of these organizations also leverage Meraki’s ability to integrate with RADIUS to provide more fine grained control over user access.
At JumpCloud, we too see the benefits of Meraki. We have integrated our Directory-as-a-Service® platform through the RADIUS protocol with Meraki. In this blog post, we’ll describe how the two solutions work together at a high level.
Why Connect Wireless Solutions with a Directory Service
It’s all about security and control.
Without leveraging a directory service to backend the access control to a wireless network, the IT organization must rely on an SSID and passphrase as the mechanism to control access. That mechanism is fine when there are just a few people that know the passphrase, but as an organization grows, a shared passphrase as the control mechanism for network access becomes high risk.
So IT admins often look to extend access to the wireless network by connecting to the core user directory. Each user can then be checked against the central user store to determine whether or not they should be granted access. This integrated approach is a significant step up in terms of security and control.
Meraki’s Wireless Access Points Support Integration
Through a simple RADIUS configuration screen, IT admins are able to connect the WAP infrastructure to the RADIUS server. The RADIUS server is then connected to the directory, where a user’s credentials will traverse the WAP to the RADIUS server and then be checked for validity by the directory server. Access will then be granted or denied.
The process is straightforward and valuable, but unfortunately, the setup is not. Installing and configuring a RADIUS server is complex and painful. Then connecting that to both the wireless infrastructure and to the user directory is non-trivial.
JumpCloud’s Directory-as-a-Service platform is solving this problem. Through an on-board RADIUS server, IT admins can simply point their WiFi infrastructure to JumpCloud’s cloud-based RADIUS server. The RADIUS server is then automatically connected to JumpCloud’s cloud-based directory services platform. This way, all of the heavy lifting is done for the IT organization by JumpCloud.
As users are added, deleted, and changed inside of the JumpCloud user directory, those changes impact the wireless network access. A terminated user trying to access the wireless network may have the correct SSID and passphrase, but because their credentials have been revoked, they are not able to access the WiFi network. This fine grain control over network access is all driven from one central location – the JumpCloud user directory.
Integrating Cisco Meraki and JumpCloud
For organizations that are leveraging Meraki wireless gear, there is an easy option to increase control and security – connect Meraki to JumpCloud’s Directory-as-a-Service. If you are interested in learning more about how this works, drop us a note. We would be happy to speak with you about it. Or, you can try it out for yourself by signing up for a free account. Your first 10 users are free forever, so there’s no reason not to give it a shot.