Types of WiFi Authentication
There are several different methods for authenticating wireless clients. Some have fallen out of favor due to security weaknesses, ultimately being replaced with newer, more secure authentication methods. These include :
- Open authentication to the access point
- Shared key authentication to the access point
- EAP authentication to the network
- MAC address authentication to the network
- Combining MAC-based, EAP, and open authentication
- Using CCKM for authenticated clients
- Using WPA key management
WiFi Authentication Challenges
From its outset, WiFi posed a unique challenge when it came to authenticating identities since users were no longer physically connecting to ethernet ports. Originally, there were several methods used to authenticate users across wireless networks:
- Separation: One was to separate the WiFi network and enable it to access the Internet. If you needed to access on-prem applications or resources, you would VPN into the network just as if you were remote. In this case the solution for WiFi authentication was the implementation of the SSID and password which was shared across any users of that particular network. In this case, there wasn’t really a connection to the main network even though the WiFi network was located alongside the internal network. It operated more as a separate network for a variety of reasons.
- SSID: Another path is to simply leverage an SSID and passphrase and let anybody on the network that has that. Subsequently the user could authenticate to the directory service, but even if they failed the authentication, they would still have access to the WiFi network.
- RADIUS Authentication: Yet, another path was to leverage the RADIUS authentication protocol to auth access to the WiFi network which would subsequently authenticate access with Active Directory. The RADIUS server was the intermediary between the WiFi access point and the core identity provider. RADIUS was able to speak to the WiFi access points and then translate for the directory to authenticate user access. Of course, the downside of this approach was more servers, more integration, and more configuration on end user devices.
WiFi Authentication with Portnox CLEAR
WiFi extends beyond your walls. Employees harmlessly share company WiFi passwords with guests, contractors, business neighbors without ever stopping to think about the network and information security risks this poses to their organization. It’s not just outsiders, however. Today, nearly 20% of SMBs experience a data breach by a former employee who still has WiFi access.
It’s never been easier to secure your WiFi. With Portnox’s WiFi Security-as-a-Service, complex integrations and RADIUS server setups that traditionally required skilled IT staff and extensive training have been eliminated. Now, you can set-up user and device authentication that comply with security regulations in minutes.
Watch How it Works
About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. The company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。