Configure Google SCEP Certificate Automatic Enrollment Profiles
Certificates are far superior to credentials and mitigate many of the vulnerabilities associated with pre-shared keys. They enhance the user experience by facilitating network access and removing password-related friction induced...
When Static Trust Becomes a Backdoor: Lessons from the 2025 SharePoint ToolShell Exploit
In July 2025, a widely exploited zero-day vulnerability, CVE-2025-53770 & 53771, named ToolShell, hit on-premises Microsoft SharePoint Server systems, triggering a large-scale compromise. The ToolShell exploit gave attackers unauthenticated remote...
Certificate Pinning vs. Device Attestation
Certificate pinning is widely used in networks to establish trust between client devices and servers. However, with enterprises shifting to dynamic BYOD and device trust policies, certificate pinning alone does...
Why Should I Use EAP?
The Extensible Authentication Protocol (EAP) provides a standard framework for authenticating users and devices to a network. It uses various authentication methods, such as tokens, smart cards, digital certificates, and...
What are the three components in the 802.1X system?
The 802.1X system has three primary components: the supplicant, the authenticator, and the authentication server. The supplicant is the part of the device that requests access, the authenticator is the...
What is 802.1x Authentication Used For?
802.1x Authentication is a network security standard that grants access to wired and wireless networks by validating authorized users and devices. The 802.1X protocol is the IEEE Standard for Port-Based...
Complete Guide to Android 802.1X
In this article, we’ll examine a crucial authentication method for keeping your Android devices secure while connecting to networks. It’s called 802.1X authentication. This specific security approach ensures only the...
4 Best Practices For Eduroam Deployment
Scholars and students often visit different campuses for internships, seminars, conferences, and other events. Accessing secure Wi-Fi at foreign campuses has always been a challenge for these individuals who require...
How to Configure Dynamic VLAN for EAP-TLS
Researching and implementing new cybersecurity technologies is a vital aspect of maintaining an effective network for your organization. But transitioning to more up to date security measures often comes with...
Benefits of Digital Certificates For Secure Eduroam Wi-Fi
Eduroam has become crucial for colleges worldwide, providing students and staff with seamless, cross-campus Wi-Fi connectivity. However, as more institutions use Eduroam as their principal Wi-Fi network, security and accessibility...
You Don’t Need LDAP for 802.1X Anymore
Without protection, your organization’s network is vulnerable to cyber attacks. The 802.1X protocol heightens network security by introducing RADIUS servers for authentication, and Lightweight Directory Access Protocol (LDAP) has commonly...
(Solved) Android 11 Samsung “Deep Sleep” Wi-Fi Connectivity Issue
Android devices have long had an “app sleep” feature designed to reduce power usage for infrequently used apps, and it’s not a new problem that it can cause apps to...
Designing a Zero Trust 802.1x Network
As hackers get more sophisticated and hands-on, network security strategies have to adapt to meet the new challenge. An old idea that has recently been given new life is the...
Configure 802.1X Authentication with Microsoft Office 365 Suite
We are living in an age where basically every person has an online footprint, whether it be for entertainment or to conduct business. Since millions of people are taking their...
5 Network Access Control (NAC) Best Practices
Cybercrimes have been a cause of concern for organizations in recent times, especially when they are expanding remotely. Even nations’ policymakers have expressed concern about the surge in cybersecurity attacks over the...
Setup Microsoft Defender for Cloud Conditional Access App Control
Managed PKI solution for Microsoft Defender for Cloud Conditional Access App Control
5 Ways to Protect iOS Networks From Password Sharing Risks
If you are an Apple device user, you must know about the Airdrop feature, which lets you share files. You can also use the Airdrop feature to share your WiFi...
Attack Vectors That Leave Your 802.1X Network Vulnerable
When used correctly, 802.1X authentication is the gold standard for network security. However, even seasoned IT professionals fail to recognize some key points of attack. If they are left unchecked,...
X.509 Digital Certificates Explained
In order to run a certificate-based network, admins need to understand how to create and configure X.509 certificates. X.509 is a cryptography standard for defining a public key certificate. X.509...
Analysis Of Windows On-Premise vs. Cloud PKI Servers.
The definition for a Public Key Infrastructures (PKIs) varies among cyber security professionals, but is generally considered a collection of components that give everything an organization needs to issue and...
MAC Auth Bypass In 802.1X Network: An Overview
A look at how RADIUS MAC Auth Bypass and MAC Address Filtering can help secure and manage your IoT devices.
An Overview of Server Certificate Validation in Android 13
Integrating the capabilities of two leading operating systems, Android and Windows, have been a dream for most tech-savvy enthusiasts across the globe. Microsoft is going to offer this upgrade by...
Configuring Passpoint/OpenRoaming on Android
For individuals who possess an Android mobile device, the significance of Wi-Fi connectivity to their gadget is widely recognized. In addition to cost savings, utilizing this method yields faster data...
Complete Guide to iOS 802.1X
Securely connecting iOS devices to a network can be a difficult task, especially since the Covid-19 pandemic sped up the inevitable rise of hybrid work environments. Network security must be...
How to Create Network Policies Based on Intune Device Compliance
Intune's device compliance attribute is a powerful tool for managing the devices on your network. Here's how you can turn it into a robust network policy with SecureW2.
What is TLS Encryption?
Transport Layer Security is a protocol that ensures privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today and is incorporated into web...
Wi-Fi Onboarding Captive Portal Best Practices
Accessing Wi-Fi networks easily and remotely has become a critical interaction point between organizations and their remotely located users. The captive portal is at the center of this process. It...
How AAA Servers Work
WPA2-Personal is common in homes and cafes – a security type requiring a preshared key (PSK). But some networks cannot be secured with a password, they want a username and...
The History of RADIUS Authentication Protocol: IEEE 802.1X
The Internet has been one of our most transformative and fast-evolving technologies. According to Satista.com, the internet user base increased from 413 million in 2000 to nearly 4.9 billion in...
Troubleshooting Common SCEP Errors
Simple Certificate Enrollment Protocol (SCEP) automates certificate distribution to issue and manage network certificates for users and devices securely. SCEP protocol addresses certificate enrollment without any intervention by end users. ...
A Comprehensive Review of Certificate Pinning: The Challenges and Alternatives
While digital certificates undoubtedly provide a more secure authentication method than passwords, some organizations still fear the possibility that certificates can be issued to unauthorized parties. Certificate pinning is a...
A Deep Dive into the Security of WPA2-PSK
In Wi-Fi security, one protocol stands out for its widespread adoption and significant role in protecting data: WPA2-PSK. This protocol, short for Wi-Fi Protected Access 2 – Pre-Shared Key, has...
How Does WPA-Enterprise Secure Your Network
Securely authenticating network users is a fundamental aspect of network security and is the source of significant challenges for many network administrators. Authentication security has never been more important; In...
How To Use RadSec For A Secure Roaming Network
Integrating a RADIUS server with your network security infrastructure is a wise decision. RADIUS or AAA (Authentication, Authorization, and Accounting) servers guard your network against unauthorized access by verifying individual...
List of Devices Supporting 802.1x
It is hard to imagine life without Wi-Fi, both in personal or professional spaces but we can not deny that it has parallelly caused the transmission of more and more...
How To Set Up 802.1X Using Azure AD
You can configure 802.1X using Azure AD by syncing it with an LDAP server or enrolling every device with an x.509 certificate.
Microsoft Intune Enterprise Wi-Fi Profile Best Practices
Microsoft Endpoint Manager (Intune) is a stellar MDM that we frequently encounter in managing managed devices, especially when the enterprise size is large, and we need to have centralized control...
A Complete Guide To Wi-Fi Security
In the modern world, it seems as though it would be nearly impossible to function without access to the wireless internet. People everywhere rely on Wi-Fi for everything from entertainment...
How To Configure 802.1X for Ubiquiti UniFi
In an era where network infrastructures must run smoothly, protecting sensitive data and securing connections is crucial. Ubiquiti UniFi is a market leader in networking solutions, providing a dependable and...
A High-Level Overview of Windows 802.1x Authentication
802.1X is a network security protocol that enhances the security of a network by requiring authentication before granting access, preventing unauthorized network access. In Windows environments, 802.1X is widely employed...
[Solved] Wi-Fi Security Certificate Error
Functioning in the current world would be virtually impossible without access to wireless internet or Wi-Fi. Wi-Fi is used by people all over the world for everything from entertainment to...
8 WiFi Hacks: How They Work and Preventive Measures
Our lives now wouldn’t be the same without an internet connection, and WiFi networks give us quick and easy access. Nonetheless, hackers find WiFi networks a desirable target due to...
Complete Guide to MacOS 802.1X
Implementing robust authentication protocols is paramount in today’s hyper-connected digital environment, where data security and network integrity are paramount. MacOS 802.1X authentication stands out among these protocols as a crucial...
WPA2 vs 802.1X: What’s the Difference?
Nowadays, there are numerous methods and types of encryption used to secure networks. Businesses should look beyond using WPA2-PSK, which isn’t secure enough for their needs. It’s easy to get...
How to Configure RADIUS on Windows 2016: A Detailed Guide
A WPA-2 Enterprise network is incomplete without a RADIUS server, thanks to its triple role of Authentication, Accounting, and Authorization (AAA). Any robust network security demands all three functions for...
EAP-TLS vs. PEAP-MSCHAPv2: Which Authentication Protocol is Superior?
Ensuring network users are able to securely authenticate to the wireless network is paramount to the overall safety and security of your organization. So many attacks are aimed at exploiting...
Everything You Need to Know About SecureW2 Deployment
Relying on passwords alone to safeguard access to your resources (including Wi-Fi, applications, and email security) is no longer secure. Cyber attacks designed to harvest credentials become increasingly complex by...
How to Authenticate to VPN with EAP-TLS
In today’s world, VPNs (Virtual Private Networks) are very important for individuals and small and large-scale business owners. However, utilizing a VPN can be tricky due to some common difficulties...
Kandji Enterprise Wi-Fi Profile Settings Guide
With a focus on centralized control of Apple devices, Kandji stands out as an innovative leader in modern enterprise management. IT managers can easily automate device deployment, enforce security policies,...
What is a Jamf Push Certificate?
Do you use Apple devices in your work infrastructure? Then you’ve probably heard of Jamf. Jamf Pro is one of the most robust and feature-dense solutions for managing Apple devices....
Configuring Azure AD CBA with Conditional Access Policies
Conditional Access Policies, the If-Then statements available in Microsoft Azure AD (Entra ID), enable a much more granular level of access control over the resources managed with Azure AD /...
What is Certificate-Based Authentication?
An IBM study says that stolen or compromised passwords are the most common reason for a data breach. Let’s be honest, usernames and passwords aren’t a good way to prove...
What is Cryptographic Agility and Why Does it Matter?
Cryptography is a cornerstone of securing information systems. It involves encoding data to ensure only authorized parties can access it. By converting data into an unreadable format, cryptography protects sensitive...
Simple, Practical Security Guidance for AD CS
In 2008, Microsoft released the Active Directory Certificate Services(AD CS) feature to allow Administrators to manage their own Public Key Infrastructure and their Remote Authentication Dial-In User Service(RADIUS). This paved...
Jamf RADIUS Server Best Practices
For small and medium-sized enterprises, coordinating employees’ iPhone, iPad, and Mac devices may distract you from your primary responsibilities. Jamf assists businesses in addressing this issue. The affordable cloud-based solution...
802.1X Port Security Simplified
Did you know that the cost of data breaches reached a whopping $4.35 million in 2022? Data breaches cost organizations a lot in penalties and lost business opportunities. Almost 68%...
Identifying Network Issues with 802.1X
Open SSIDs don't offer the degree of troubleshooting visibility 802.1X does. Here's how 802.1X helps you troubleshoot network issues.
7 Critical IAM Tools
As an organization, you know there are a lot of factors to consider when provisioning network access to employees. You need to ensure that the users are who they claim...
Google Cloud Certificate Authorities Service Alternative
The digital world has been on a growth spurt for the past few years as more and more devices have come into being. An average user has at least two...
Updating Your Network Access Control After a Merger or Acquisition
Updating your network access control after mergers doesn't have to be hard. With the right cybersecurity tools, your NAC can emerge better than ever.
Configuration Guide: Windows RADIUS Server 2012
Anytime there’s a discussion about a wired or wireless authentication, it’s probable that the word “RADIUS server” will come up sooner or later. RADIUS, also known as a “AAA server,”...
HIPAA Compliant Wireless 802.1X
The Health Insurance Portability and Accountability Act (HIPAA) has impacted the way healthcare organizations operate since its introduction in 1996. Its goal, ultimately, was to protect patient data by imposing...
Azure AD Conditional Access with 802.1X
The post-pandemic world is witnessing an exponential surge in cloud-based network solutions as many businesses transition into digital mode. Interestingly, many cutting-edge wireless technologies like 5G, virtual reality, and AI...
Cloud 802.1x Explained
What Is Cloud 802.1x? An 802.1x network is unique in one major way; it uses a Cloud RADIUS server as a means of authenticating users. The Cloud RADIUS checks a...
What is Certificate Lifecycle Management?
Using X.509 digital certificates for authentication is an immediate and significant upgrade to credential (password) authentication, but it requires proper support infrastructure. Certificate Lifecycle Management systems (CLM/CLMS), also called Certificate...
Foxpass RADIUS vs. Jumpcloud RaaS
Network authentication has evolved in lockstep with the development of software over the years. The networking protocols considered secure just a few years back have not withstood the test of...
This Security Flaw is Preventing Organizations from Switching to Azure AD
The migration from on-premise to cloud-based network infrastructure is becoming more and more common. With better security, scalability, and user experience, the benefits of the cloud cannot be denied. For...
What is a Hardware Security Module?
More than ever, businesses and organizations have a responsibility to secure their data. Highly adaptable organizations have begun to implement a PKI as a means to upgrade network security. According...
What is the Android Trusted Credentials Store?
Similar to Windows and macOS, Android devices need a system in place in order to determine if a certificate issued by a particular Certificate Authority (CA) is trusted. How does...
Setting up Secure BYOD Wi-Fi for K-12 Students
The days of getting in trouble for bringing technology into class are long gone. Many school districts actually rely on students to bring their own devices in order to incorporate...
Assigning Network Access Policies Based On SSID
Using network access policies to segment users into VLANs with appropriate permissions is a core part of every organization’s identity and access management (IAM) strategy. More options to customize access...
How to Secure 802.1X for Remote Workers
Though remote work wasn’t started by the Covid-19 pandemic, it has increased drastically to the point that working from home will be commonplace for many workers. Unfortunately that leaves organizations...
Issuing Certificates to Corporate-Owned Devices with Okta
Large organizations face a common problem when it comes to authentication: managing a variety of credentials for an assortment of different web applications. Each different application requires a unique set...
How to Setup Microsoft Enterprise PKI
The definition for a Public Key Infrastructures (PKI) varies among cyber security professionals, but is generally considered a collection of components that give everything an organization needs to issue and...
How to Issue a Certificate from a Microsoft CA Server
Now that we’ve learned passwords are not a secure form of authentication, organizations are implementing digital certificates, which provide stronger security and can be leveraged for more efficient network authentication....
How to Configure RADIUS with G-Suite (Google Workspace)
Google Suite, also known as Google Workspace is many people’s go to cloud-based productivity suite. While Google Suite is known for its ease of use, it’s credential-based authentication creates another...
Best Network Security Solutions for MSPs
Among small businesses that have been targeted by cyber-criminals, 70% were used as an entry point into a larger enterprise system they supply to. Nearly half (48%) of the cases...
How To Use Azure AD Conditional Access for a Zero Trust 802.1x Network
The standard method of thinking about network security is long overdue for an update. The usual “perimeter protection” approach consists of defining, and then controlling, a virtual boundary to make...
Does AD CS Work in the Cloud?
Digital certificates have taken over as the preferred method of network authentication because of their proven superiority to passwords in security and user experience. Many organizations recognize this and want...
PKI for Microsoft GPO
Microsoft’s Group Policy Object (GPO) is a useful tool to allow administrators to control the level of access for users on the network. In addition to providing strong security from...
Top 3 Tips on Configuring Policies in Active Directory Certificate Services
Active Directory Certificate Services (AD CS) is a Windows server software solution designed to issue x.509 digital certificates. Certificates have proven to be more secure and easier to use than...
Enable 802.1X For Guest Users with Azure AD B2B and SecureW2
Business-to-Business collaboration is essential for company growth. Thousands of companies have collaborated on projects to increase company value and spread risk. At the core of these collaborations is identity and...
Managed PKI Solutions for Active Directory Certificate Services
Investing in a Public Key Infrastructure (PKI) for your 802.1x network is the single best decision you can make to improve your network. The hardened security and improved user experience...
Dynamic RADIUS VLAN Assignment for VPN
One quarter of all internet users in the world used a VPN in the last month to protect their identity privacy and their data privacy while accessing the internet. Are...
Best Cyber Security Practices for MSPs
Over 30 millions businesses have fewer than 1,000 employees and many don’t have the IT budget to provide effective network security. Managed Service Providers (MSP) are a godsend for small...
Can I Use NPS with Cloud Directories?
The RADIUS protocol is used by thousands of organizations to protect their networks. Network admins set up RADIUS servers to verify approved network users, drastically reducing the risk of a...
Secure Authentication for Azure Networks
Wireless security is crucial now that most sensitive data can be accessed online. It’s imperative for network administrators to dictate who can access the network and how much they’re allowed...
Use Azure AD B2C for 802.1x Authentication
Microsoft employs a myriad of acronyms for their product names, so it’s often difficult to tell them apart or to guess their function. “Azure AD (Microsoft Entra ID) B2C” is...
Dynamic RADIUS Policy Enforcement with Static Certificates
Certificate-based WPA2-Enterprise networks are extremely secure, but x.509 digital certificates can be a hassle to manage. Although SecureW2 has one of the best certificate management platforms in the industry, we’re...
A Cloud PKI Solution for Azure AD
Azure AD (Microsoft Entra ID) customers can ditch password-based authentication and switch to x.509 certificate-based authentication. Digital certificates offer vast improvements to network security, efficiency, and user experience. But in...
How to Use Google for 802.1x Wi-Fi
Organizations are making the much-needed transition to cloud-based network solutions and Google is a forerunner in getting people’s devices and networks in the cloud. However, for some, getting your devices...
Generate x.509 Certificates with Okta
A major challenge that organizations face in regards to certificates is enrolling users without Active Directory. In response, SecureW2 has developed a solution that can provide a certificate-based network regardless...
Enabling Windows Machine Certificate Authentication
Looking to use certificate-based authentication on your managed windows devices? Machine authentication with x.509 certificates permits managed Windows machines that don’t belong to any users, to authenticate onto a 802.1X...
Enabling 802.1x with AD CS
Keeping your network secure from unwanted intruders is increasingly difficult with the advancements in technology. It’s relatively easy for malicious actors to obtain network access and steal all the data...
802.1x Without Active Directory
802.1X is the de facto gold standard that organizations should strive for when it comes to authentication; it’s safe, secure, and efficient, especially when combined with certificates. However, setting up...
PPSK Is Not an Alternative to 802.1x
Believe it or not, the aging WPA-Personal protocol has seen some innovation in the past few years. Several companies have developed unique PSK authentication protocols with varying names, though “Private...
3 Mistakes Universities Make Deploying 802.1x and WPA2-Enterprise
Over the past decade, we’ve helped hundreds of organizations around the world secure and set up WPA2-Enterprise networks. While WPA2-Enterprise remains the golden standard for 802.1x authentication, there are many...
Update Your Browser to TLS 1.2 to Support 802.1x WPA2-Enterprise
Organizations should be aware of an important update to TLS. TLS 1.2 is the most recent update that builds on top of TLS 1.0 and TLS 1.1 to increase network...
Reduce the Risks of a Certificate Authority
Recently, cybercriminals have begun targeting public Certificate Authorities (CA) to obtain legitimate certificates and then sell them on the black market. Because these are verified and signed certificates obtained by...
Use WPA-2 Enterprise To Efficiently Onboard Thousands of Devices
Each year, college campuses must navigate the trials associated with successfully onboarding thousands of new students to the wireless network. This may have been moderately challenging 10 years ago, but...
Top 3 Mistakes When Setting Up a WPA2-Enterprise Network
The importance of wireless security cannot be understated as the threat of data theft continues to rise. WPA2-Enterprise networks are the first line of defense – they’ve been proven time...
What’s In Store With WPA3-Enterprise?
The network type WPA has been upgraded once since its inception in 1999. In 2004, it was replaced by WPA2, which has stood as the standard for highly secure wireless...