How to Create a Cloud-Based RADIUS Server
In order to successfully configure a WPA2-Enterprise network, a RADIUS server is a must. The RADIUS authorizes and authenticates users signing into the network and eliminates any speculation into who...
Apple Managed Device Attestation Explained
Apple introduced Managed Device Attestation (MDA) to give organizations stronger assurance about the devices they authorize for access. Device Trust, which identifies devices managed by your organization and ensures they...
Understanding Authentication Strengths in Conditional Access
As cyberattacks become more targeted and identity becomes the core of security strategy, IT administrators are rethinking how users authenticate to sensitive resources. Organizations widely adopt Multi-Factor Authentication (MFA) to...
What Are the EAP Method Requirements For WPA3-Enterprise?
The only EAP method allowed in WPA3-Enterprise 192-bit mode is EAP-TLS, which uses X.509 certificates for client and server-side authentication. No other EAP authentication types are permitted, since they lack...
RADIUS + Dynamic PKI: Better Together
With many devices attempting to connect to the network, identifying potential risks from compromised devices becomes paramount. This is where a robust Public Key Infrastructure (PKI) integrated with RADIUS comes...
Can I Use Azure With A RADIUS Server?
Organizations worldwide are making the transition to cloud-based network solutions. To ease the transition, Microsoft created Entra to aid clients in moving their directories from on-premise Active Directory (AD) to...
Network-as-a-Service (NaaS): Explained
NaaS, or Network as a Service, is a cloud-based networking model that modifies how businesses handle and use their networks. Instead of having a lot of network equipment on-site, you...
Drawbacks of NPS in a Cloud Environment
Organizations want different technologies to work well together and integrate smoothly so they can be used more efficiently. The combination of Microsoft Azure and Network Policy Server (NPS) frequently generates...
How To Use RadSec For A Secure Roaming Network
RadSec is an 802.11x protocol designed to securely transfer information from a RADIUS through TCP (Transmission Control Protocol) and TLS (Transport Layer Security) for protected communications. At a basic level,...
How to Use Active Directory Set-up For Wi-Fi and CloudRADIUS
Organizations that leverage Microsoft Active Directory (AD) often want to connect their core user identities to their Wi-Fi network. The goal is to enable users to authenticate uniquely to the...
What Is RADIUS Certificate-Based Authentication?
As cyber security risks increase and secure access to network resources is required, organizations are adopting different authentication methods. RADIUS certificate-based authentication is one of those methods that increase the...
4 Best Practices For Eduroam Deployment
Scholars and students often visit different campuses for internships, seminars, conferences, and other events. Accessing secure Wi-Fi at foreign campuses has always been a challenge for these individuals who require...
You Don’t Need LDAP for 802.1X Anymore
Without protection, your organization’s network is vulnerable to cyber attacks. The 802.1X protocol heightens network security by introducing RADIUS servers for authentication, and Lightweight Directory Access Protocol (LDAP) has commonly...
What is Microsoft NPS?
In an era dominated by cloud-centric solutions, Microsoft NPS sets out as an on-premise network security tool for Windows Server. Its primary goal is centralizing network regulations, user identities, and...
FreeRADIUS vs. Cisco ISE
Cyber-attacks cost small businesses an average of $84,000 to $148,000, and 60% of those attacked go out of business in 6 months. As organizations continue to grow, it becomes more...
Device-Based vs User-Based RADIUS Lookup
If all the users in your network fit into one single group, RADIUS authentication would be simple. Alas, things aren’t that easy; administrators often find themselves needing to specifically distinguish...
A Security Analysis of WPA-Personal
In the continuous effort to strengthen wireless network security, Wi-Fi Protected Access (WPA) represents a significant turning point. Data transmission over airwaves is becoming increasingly common in the ever-expanding digital...
What is the Trusted Root Certification Authorities Store?
A Certificate Authority (CA) is the entity that handles the certificate distribution for a PKI. Certificate Authorities assist in validating the identities of different websites, individuals, and devices by providing...
Designing a Zero Trust 802.1x Network
As hackers get more sophisticated and hands-on, network security strategies have to adapt to meet the new challenge. An old idea that has recently been given new life is the...
Passwords vs. Digital Certificates For RADIUS Authentication
Businesses understand the importance of passwords for private data security but might not realize that using a network with passwords poses many security threats. As hacking techniques become more advanced,...
Configure 802.1X Authentication with Microsoft Office 365 Suite
We are living in an age where basically every person has an online footprint, whether it be for entertainment or to conduct business. Since millions of people are taking their...
Configure RADIUS on Windows Server 2008
The name RADIUS needs no introduction whenever you imagine a wired or wireless authentication server. Commonly referred to as AAA servers, RADIUS performs the core task of Authentication, Accounting, and...
RADIUS Server Authentication: Explained
A RADIUS server prevents unauthorized access to your network - and, thanks to services like Cloud RADIUS, this powerful authentication tool is more accessible than ever.
Is there an Alternative to Windows NPS?
Microsoft’s Network Policy Server (NPS) is a AAA RADIUS server used for a number of different types of network connections. It can be used for wireless authentication, VPN connections, dial-up,...
Windows RADIUS Server Pros and Cons
There are thousands of deployed instances of Windows RADIUS Server across the world, but users still debate its capabilities to keep their large networks intact and secure, giving rise to...
5 Network Access Control (NAC) Best Practices
Cybercrimes have been a cause of concern for organizations in recent times, especially when they are expanding remotely. Even nations’ policymakers have expressed concern about the surge in cybersecurity attacks over the...
How to Configure Azure AD CBA
With the introduction of Azure AD CBA, Microsoft has taken steps to move past using passwords - and your organization can, too.
Enabling RADIUS MAC Auth Bypass for IoT
Enabling RADIUS MAC Auth Bypass for IoT devices can alleviate cyber threats and help improve your network security. Here's How
Coworking Wi-Fi Security Best Practices: How to Protect Shared Networks
Coworking spaces are on the rise with the increase in the number of remote workers. Many organizations have moved towards coworking as the shared office model offers similar benefits as that of a...
5 Ways to Protect iOS Networks From Password Sharing Risks
If you are an Apple device user, you must know about the Airdrop feature, which lets you share files. You can also use the Airdrop feature to share your WiFi...
Attack Vectors That Leave Your 802.1X Network Vulnerable
When used correctly, 802.1X authentication is the gold standard for network security. However, even seasoned IT professionals fail to recognize some key points of attack. If they are left unchecked,...
Troubleshoot Okta RADIUS Internal Server Error
Okta is one of the leading Identity and Access Management (IAM) service providers for enterprises around the globe. They provide a great user experience, but sometimes you might encounter some...
The Best Cloud RADIUS Server For Authentication
Due to the COVID-19 pandemic, employees are working from home now more than ever before. According to a Stanford study, an incredible 42 percent of the U.S. labor force now...
Guide: How To Build A PKI Certificate Authority
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates. A digital certificate certifies the ownership of a public key by tying it cryptographically...
WPA2-Password Safety In An Enterprise Network
When you try to connect to a Wi-Fi network and are asked for a password, do you ever find it hard to figure out what to do? You’re not by...
Why is EAP-TTLS/PAP Not Safe in 2024
When designing a new network, there are countless features to consider that significantly impact the organization at large. Few functions of the network impact users more than the authentication method...
Configure Microsoft GPO with RADIUS Authentication
Integrating Microsoft’s Group Policy Object (GPO) with RADIUS authentication effectively improves network security and access control. GPO enables administrators to apply policy settings for specific user groups, ensuring that individuals...
Can I Set Up Microsoft NPS in the Cloud?
Microsoft Network Policy Server (NPS) is Microsoft’s AAA RADIUS server. It authorizes and authenticates users and devices for network connections. NPS is an on-premise RADIUS server and uses the Active...
Guide: TLS Authentication and How It Works
The essence of Transport Layer Security (TLS) requires understanding two key concepts: encryption and authentication. While encryption ensures that the data transmitted between your browser and the web server is...
X.509 Digital Certificates Explained
In order to run a certificate-based network, admins need to understand how to create and configure X.509 certificates. X.509 is a cryptography standard for defining a public key certificate. X.509...
WEP vs. WPA vs WPA2- The Better Wifi Authentication
One key component of wireless security is encryption, which is the process of encoding data before it is transmitted over the air. Only authorized parties with the correct decryption key...
Analysis Of Windows On-Premise vs. Cloud PKI Servers.
The definition for a Public Key Infrastructures (PKIs) varies among cyber security professionals, but is generally considered a collection of components that give everything an organization needs to issue and...
MAC Auth Bypass In 802.1X Network: An Overview
A look at how RADIUS MAC Auth Bypass and MAC Address Filtering can help secure and manage your IoT devices.
Complete Guide to iOS 802.1X
Securely connecting iOS devices to a network can be a difficult task, especially since the Covid-19 pandemic sped up the inevitable rise of hybrid work environments. Network security must be...
How to Create Network Policies Based on Intune Device Compliance
Intune's device compliance attribute is a powerful tool for managing the devices on your network. Here's how you can turn it into a robust network policy with SecureW2.
Can you Authenticate RADIUS with YubiKeys?
As YubiKeys achieve widespread adoption, the industry keeps finding more and more uses for the powerful little device. One of the more interesting use cases for YubiKey is AAA/RADIUS authentication....
8 Top IAM Platforms
In the expanding digital environment, users are signing in from various devices such as smartphones, laptops, and tablets. Whenever a user logs in, onboards, offboards, resets a password, or changes...
Do RADIUS Servers use AD?
Do you know what facilitated back-office IT functions for any business twenty years ago? It was Active Directory, Microsoft’s user directory system. Because Active Directory simplified the task for organizations to...
What is TLS Encryption?
Transport Layer Security is a protocol that ensures privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today and is incorporated into web...
NAC Vendors: Cisco ISE vs. Aruba Clearpass
The rise in the popularity of remote work has caused a massive portion of the workforce to stay home. This is made possible by advanced BYOD devices with top-notch technical...
How AAA Servers Work
WPA2-Personal is common in homes and cafes – a security type requiring a preshared key (PSK). But some networks cannot be secured with a password, they want a username and...
The History of RADIUS Authentication Protocol: IEEE 802.1X
The Internet has been one of our most transformative and fast-evolving technologies. According to Satista.com, the internet user base increased from 413 million in 2000 to nearly 4.9 billion in...
Troubleshooting Common SCEP Errors
Simple Certificate Enrollment Protocol (SCEP) automates certificate distribution to issue and manage network certificates for users and devices securely. SCEP protocol addresses certificate enrollment without any intervention by end users. ...
Jamf vs. Intune: The Best Way to Manage Apple Devices
The rise in hybrid work culture has increased the usage of mobile devices such as smartphones and tablets for corporate purposes. Organizations must strengthen the security of these devices to...
A Comprehensive Review of Certificate Pinning: The Challenges and Alternatives
While digital certificates undoubtedly provide a more secure authentication method than passwords, some organizations still fear the possibility that certificates can be issued to unauthorized parties. Certificate pinning is a...
A Deep Dive into the Security of WPA2-PSK
In Wi-Fi security, one protocol stands out for its widespread adoption and significant role in protecting data: WPA2-PSK. This protocol, short for Wi-Fi Protected Access 2 – Pre-Shared Key, has...
Can You Use Certificates for Single Sign-On (SSO)?
Forgetting your password is one of the worst things about the internet. Unfortunately, it is encouraged to create complex passwords, making remembering them more difficult. Consequently, a considerable number of...
How Does WPA-Enterprise Secure Your Network
Securely authenticating network users is a fundamental aspect of network security and is the source of significant challenges for many network administrators. Authentication security has never been more important; In...
How To Solve the NPS Error Code 66 in Meraki?
The RADIUS server plays a vital role in the authentication within a network infrastructure. NPS (Network Policy Server) is Microsoft’s own RADIUS solution that performs a similar role of filtering...
How To Test MITM Attacks And Protect Networks
A man-in-the-middle (MITM) attack is a highly effective type of cyber attack that involves a hacker infiltrating a private network by impersonating a rogue access point and acquiring login credentials....
How To Use RadSec For A Secure Roaming Network
Integrating a RADIUS server with your network security infrastructure is a wise decision. RADIUS or AAA (Authentication, Authorization, and Accounting) servers guard your network against unauthorized access by verifying individual...
Public vs Private Certificate Authority
Certificate authorities (CAs) play a critical role in securing digital communications and data exchange. Organizations must choose between public and private CAs based on their unique security requirements, use cases,...
MacOS AD Bind Issues Post Microsoft Kerberos Update
On October 11th, 2022 Microsoft pushed an update to enforce domain controller validation for Active Directory. The purpose of this update is to shore up a security bypass vulnerability that...
List of Devices Supporting 802.1x
It is hard to imagine life without Wi-Fi, both in personal or professional spaces but we can not deny that it has parallelly caused the transmission of more and more...
How to Enable Windows Machine Certificate Authentication
Whether you use Windows, macOS, or any other operating system, deploying digital certificates for your device can be the most impactful step to strengthening your network security. Digital certificates use...
LDAP Authentication with Azure AD
LDAP (Lightweight Directory Access Protocol) authentication can confirm user identities across a network. It uses a centralized directory system for user authorization and authentication. On the other hand, Microsoft offers...
Understanding Phishing-Resistant MFA in Azure AD
On an average day, most employees have to log into numerous different applications and resources at work. The influx of applications necessary for work has led to an exponential increase...
How to Generate Root & Intermediate CAs
With 10 million attacks targeting usernames and passwords occur every day. it’s not a bad idea to drop passwords wherever possible. A proper PKI allows your network to utilize certificate-based...
What’s the Difference between RADIUS, TLS, and EAP-TLS?
There are many components involved in running a secure network. It’s very easy to get bogged down by different terminology and be confused about what exactly each component does. This...
How To Set Up 802.1X Using Azure AD
You can configure 802.1X using Azure AD by syncing it with an LDAP server or enrolling every device with an x.509 certificate.
Active Directory Certificate Services (AD CS): Explained
There are many components involved in running a certificate-based network. You need to establish trusted servers and certificate authorities (CA), make sure devices can enroll for certificates, authenticate users, manage...
FreeRADIUS with Google LDAP: How Does it Work?
Is an authentication system built around FreeRADIUS with Google LDAP more economical? Learn the truth about this setup here.
What is the Most Secure Method of Wi-Fi Authentication?
The first layer of defense for a wireless network is the authentication process. With a strong authentication barrier, an organization can feel confident that only approved network users are able...
PEAP-MSCHAPv2 Vulnerability Allows For Credential Theft
In 2013, Microsoft released a report of a known security vulnerability present within Wi-Fi authentication. The 802.1x authentication protocol known as PEAP-MSCHAPv2, a widely supported standard, can be exploited to...
How to Enable MFA for Google Workspace
Cyber-attacks are becoming more sophisticated, with hackers exploiting every available option to infiltrate your network. One-step authentication methods, such as using a login ID and password, are no longer enough...
Troubleshooting Commonly Encountered Okta Sign-In Errors
Okta is one of the leading identity and authentication platforms compatible with both cloud and on-premise directories. They provide a great user experience, but sometimes you might encounter networking errors...
How To Enable RADIUS CBA On Google Workspace?
If the cybersecurity community could be compared to a court, the jury has reached its verdict: it’s time to move past outdated pre-shared keys as a means to network authentication....
An Overview Of RADIUS Certificate-based Authentication
With an increasing number of cybersecurity risks and the necessity for secured access to network resources, organizations are implementing various authentication methods. RADIUS certificate-based authentication is one of these techniques,...
Does LDAP work with Entra ID? Yes and No
To make a long story short: Microsoft offers the ability to sync Azure AD (Microsoft Entra ID) with an LDAP server, which can suffice as a short-term solution. This means...
A Complete Guide To Wi-Fi Security
In the modern world, it seems as though it would be nearly impossible to function without access to the wireless internet. People everywhere rely on Wi-Fi for everything from entertainment...
How To Configure 802.1X for Ubiquiti UniFi
In an era where network infrastructures must run smoothly, protecting sensitive data and securing connections is crucial. Ubiquiti UniFi is a market leader in networking solutions, providing a dependable and...
A High-Level Overview of Windows 802.1x Authentication
802.1X is a network security protocol that enhances the security of a network by requiring authentication before granting access, preventing unauthorized network access. In Windows environments, 802.1X is widely employed...
How to Resolve NPS Reason Code 22
Remote Authentication Dial-in User Service (RADIUS) is integral to network infrastructure, especially for authentication, authorization, and accounting (AAA) purposes. NPS (Network Policy Server) is Microsoft’s RADIUS server, replacing its age-old...
Why You Shouldn’t Use NPS with Azure AD (Microsoft Entra ID)
Since cloud-based solutions are becoming the norm today, knowing how different identity and access management tools work together and what they do is important. This article details Microsoft NPS (Network...
[Solved] Wi-Fi Security Certificate Error
Functioning in the current world would be virtually impossible without access to wireless internet or Wi-Fi. Wi-Fi is used by people all over the world for everything from entertainment to...
EAP-TLS vs. EAP-TTLS/PAP
Choosing the right authentication protocol is more than a matter of security. Authentication is the critical check ensuring only rightful users can access certain data or networks. The decision between...
8 WiFi Hacks: How They Work and Preventive Measures
Our lives now wouldn’t be the same without an internet connection, and WiFi networks give us quick and easy access. Nonetheless, hackers find WiFi networks a desirable target due to...
What is NAS-ID?
The Network Access Server (NAS) is the frontline of authentication – it’s the first server that fields network authentication requests before they pass through to the RADIUS. The NAS Identifier...
WPA2 vs 802.1X: What’s the Difference?
Nowadays, there are numerous methods and types of encryption used to secure networks. Businesses should look beyond using WPA2-PSK, which isn’t secure enough for their needs. It’s easy to get...
How to Configure RADIUS on Windows 2016: A Detailed Guide
A WPA-2 Enterprise network is incomplete without a RADIUS server, thanks to its triple role of Authentication, Accounting, and Authorization (AAA). Any robust network security demands all three functions for...
RADIUS Events Logs: How to View and Access Them
RADIUS servers are often called AAA (authentication, authorization and accounting) servers because they perform each of those three functions. Accounting – which refers to the process of tracking events as...
A Complete Guide to Configuring Microsoft RADIUS Server
Need a solution for your network authentication, authorization, and accounting (AAA) requirements? RADIUS has been around for decades, used by thousands of organizations. Without a RADIUS server, authentication would have...
Android 11 Server Certificate Validation Error and Solution
*Updated Feb 2021 The dust has settled on the Dec 2020 Android 11 update and, for better or worse, the effects on network authentication have not been as drastic as...
RADIUS Accounting Best Practices
RADIUS is a crucial networking protocol best known for centralized authentication, authorization, and accounting (AAA) administration. The final “A” in AAA signifies accounting, a fundamental aspect of network management. Network...
AAA Server Best Practices
An AAA server processes user requests for access to computer resources and provides an organization’s authentication, authorization, and accounting (AAA) services. The AAA server typically interacts with network access, gateway...
What is Port-Based Network Access Control (PNAC)?
Network security is one of the important factors for organizations of different sizes. As cyber threats evolve, authorized access to network devices and critical resources becomes very important. Port-Based Network...
How to Monitor Network Traffic: Best Tips for IT Pros
Network traffic monitoring is essential for IT professionals to protect the company’s environment against potential vulnerabilities. It tracks data movement across different networks, ensures the network operates efficiently and identifies...
How to Configure 802.1x Printer Authentication?
When organizations establish their IT infrastructure, it’s essential to protect it, including network-connected devices and wired and wireless access points. Printers often fly under the radar among these devices regarding...
What is PKI-as-a-Service (PKIaaS)?
Public Key Infrastructure (PKI) keeps data secure, authenticates identities, and ensures end-to-end encryption. It plays a vital role in securing digital communications and involves a set of roles, policies, hardware,...
What is a DoD PKI?
The Department of Defence Public Key Infrastructure (DoD PKI) is a vital component in strengthening the Department of Defense’s (DoD) digital communications and data-sharing infrastructure. Fundamentally, DoD PKI is an...
Should I Install AD CS on Domain Controller?
IT administrators must decide on network security: should they install Active Directory Certificate Services (AD CS) on a Domain Controller (DC)? Microsoft PKI (Public Key Infrastructure) solutions are the cornerstone...
Everything You Need to Know About SecureW2 Deployment
Relying on passwords alone to safeguard access to your resources (including Wi-Fi, applications, and email security) is no longer secure. Cyber attacks designed to harvest credentials become increasingly complex by...
Introducing WebAuth Wi-Fi with Cloud IDPs
It’s no secret that open Wi-Fi networks are infamously insecure, and Pre-Shared Key (PSK) networks aren’t much better. If you tie your organization’s Wi-Fi to a single password and more...
LEAP Authentication and How It Works
Wi-Fi connection integrity is critical for organizations securing sensitive data or individuals protecting personal information. This requirement has created many authentication methods, each attempting to balance usability and security. LEAP...
Kandji Enterprise Wi-Fi Profile Settings Guide
With a focus on centralized control of Apple devices, Kandji stands out as an innovative leader in modern enterprise management. IT managers can easily automate device deployment, enforce security policies,...
What is an X.509 Digital Certificate?
X.509 certificates are forms of identification that leverage public-private key cryptography. They are a secure replacement for passwords.
How To Prevent Man-in-the-Middle Attacks
Man-in-the-middle attacks (MITM) or on-path attacks are becoming common and complex. Organizations are putting in a lot of effort to mitigate these risks to no avail. Phishing kits are freely...
Configure Azure AD Continuous Access Evaluation for RADIUS
Continuous Access Evaluation (CAE) is an essential security feature in Azure Active Directory (Azure AD) that constantly monitors and evaluates user access to resources. Through CAE, Azure provides a proactive...
What is Secure Sockets Layer (SSL)?
Security over the internet has drastically improved in the few decades that the internet has been widely available. The average user doesn’t realize how much goes on behind the scenes...
AD CS: Domain Escalation Attack Scenario 1 (ESC1)
Active Directory Certificate Services (AD CS) is an essential tool for domain administrators to enhance network security, ensuring secure communication, code signing, and user authentication. Organizations can leverage the 802.1x...
802.1X Port Security Simplified
Did you know that the cost of data breaches reached a whopping $4.35 million in 2022? Data breaches cost organizations a lot in penalties and lost business opportunities. Almost 68%...
How to Fix the “X.509 Certificate Signed by Unknown Authority” Error Code
X.509 digital certificates are a fantastic way to encrypt communication and authenticate into systems, but they require a little more infrastructure to support than your typical username and password credentials....
How to Improve Device Identity Context for Network Security
Protect your network from security breach by getting more visibility over your unmanaged and BYOD devices. Device Identity Context can help you improve network security. Continue reading to know more.
Automated Certificate Management Environment (ACME) Explained
Want to understand what Automated Certificate Management Environment (ACME) Explained is all about? Read this to know more.
Portnox CORE vs. Cisco ISE: NAC Comparison
Read about two popular NAC solutions ad pick out the best one for your organizational needs.
Enrolling Devices for Certificate Auth for OneLogin Device Trust
Amidst uncertainties in times of war, hackers have frequently upgraded their attack modes and penetrated almost every industry you can think of. The Australian cyber-security head has admitted reporting one...
Cloud RADIUS for Wi-Fi Authentication
A survey found that 74% of IT decision-makers whose organizations have been breached in the past say it involved privileged access credential abuse. While Wi-Fi revolutionized networking during the transition from...
IAM vs PAM
IAM and PAM explained and how the right implementation of the two solution can help make your network security secure from cyberattacks
Updating Your Network Access Control After a Merger or Acquisition
Updating your network access control after mergers doesn't have to be hard. With the right cybersecurity tools, your NAC can emerge better than ever.
MFA Options for Cyber Insurance Requirements
More cyber insurance providers require MFA. But why, and what other cyber insurance requirements should you prepare for?
FreeRADIUS vs. Jumpcloud
As technology progresses, hackers have constantly upgraded their modes of attack, which include social engineering techniques to compromise the network space of an organization. Here’s a recent incident of a...
Configuration Guide: Windows RADIUS Server 2012
Anytime there’s a discussion about a wired or wireless authentication, it’s probable that the word “RADIUS server” will come up sooner or later. RADIUS, also known as a “AAA server,”...
HIPAA Compliant Wireless 802.1X
The Health Insurance Portability and Accountability Act (HIPAA) has impacted the way healthcare organizations operate since its introduction in 1996. Its goal, ultimately, was to protect patient data by imposing...
Azure AD Conditional Access with 802.1X
The post-pandemic world is witnessing an exponential surge in cloud-based network solutions as many businesses transition into digital mode. Interestingly, many cutting-edge wireless technologies like 5G, virtual reality, and AI...
Digital Signatures: Explained
An effective Zero Trust architecture is built on a foundation of identity context. Digital signatures support a Zero Trust initiative by cryptographically assuring the identity of the signee, answering questions...
Cloud 802.1x Explained
What Is Cloud 802.1x? An 802.1x network is unique in one major way; it uses a Cloud RADIUS server as a means of authenticating users. The Cloud RADIUS checks a...
The Anatomy Of An X.509 Digital Certificate
Digital certificates are frequently used in the online world as a means of identification. The information embedded in the certificates lets anyone verify the identity of an entity with the...
Code Signing with Digital Certificates: Explained
Imagine you’re installing an application and a pop-up like the screenshot above comes up. How can you be sure that the application you’re about to download is really safe? The...
Foxpass RADIUS vs. Jumpcloud RaaS
Network authentication has evolved in lockstep with the development of software over the years. The networking protocols considered secure just a few years back have not withstood the test of...
This Security Flaw is Preventing Organizations from Switching to Azure AD
The migration from on-premise to cloud-based network infrastructure is becoming more and more common. With better security, scalability, and user experience, the benefits of the cloud cannot be denied. For...
Top 3 Tips for Enrolling Chromebooks with AD CS
There has been a huge increase in the use of wireless devices to connect to organization’s secure networks and it’s created a new security challenge for network admins. Securely connecting...
Can I Use Google Secure LDAP for Wi-Fi?
LDAP’s importance cannot be denied. As a protocol, it has greatly simplified the directory search process. Unfortunately, as time goes on, LDAP has begun to grow outdated, especially given its...
How to Address MAC Randomization for Cloud Networks
Mac Address Randomization is an increasing trend among device manufacturers that are quickly becoming the industry standard. While it can help in reducing the risks of data breaches and spying...
How to Deploy Okta Device Trust on Windows
Device Trust is a concept in cybersecurity with a relatively simple premise; if a device can prove its identity, it can be trusted to have greater access to resources. If...
5 Reasons AD CS Is Not A Complete PKI
Credential-based authentication is the most common form of authentication that everyone is accustomed to. But with most decades-old technologies, credentials are woefully ill-equipped to face modern security threats. While multi-factor...
Using Object Identifiers In PKI Management
Management of a PKI can be a full-time task for an IT team. Ensuring network users are able to authenticate to a secure network, easily maintaining their network identity, providing...
Configuring MFA with AD FS
It’s widely held knowledge that using a single factor for authentication to wireless networks is less than secure and easily exploitable by hackers. Many organizations recognize this and utilize Multi-Factor...
Everything You Need to Know About FIDO2
Security Keys are a method of authentication that is becoming increasingly more commonplace due to the additional layer of security they provide. They are a versatile security component that can...
I Have Active Directory, How do I Move to the Cloud?
It’s no secret that organizations are making the transition to cloud-based network environments. This is especially true considering the dramatic increase in remote work due to the global pandemic. Network...
Zero Trust Strategy Best Practices With AD CS
Zero trust is a burgeoning security practice among cybersecurity-focused organizations. The main concept behind zero trust is limiting a user’s resources to only what they need access to. For example,...
The NPS Extension for Cloud Authentication
Authentication security is an incredibly diverse field with countless options for organizations to choose from. How to authenticate your users to a secure network is a difficult decision to make...
Securing VPN Authentication with AD CS
The rise in remote working has been increasing since the dawn of the digital age, but the increase has seen an especially massive jump since the outbreak of the COVID-19...
Assigning Network Access Policies Based On SSID
Using network access policies to segment users into VLANs with appropriate permissions is a core part of every organization’s identity and access management (IAM) strategy. More options to customize access...
How to Secure 802.1X for Remote Workers
Though remote work wasn’t started by the Covid-19 pandemic, it has increased drastically to the point that working from home will be commonplace for many workers. Unfortunately that leaves organizations...
What is Always On VPN?
The rise in remote working has steadily increased with new innovations in technology, but has seen a massive increase since the Covid-19 pandemic. Companies the world over have sent their...
What is a AWS Private CA?
Private certificate authorities (CA), also known as enterprise CAs, are CAs specifically meant for internal use. They are self-hosted and therefore not trusted externally. The usual use cases come from...
How to Setup Microsoft Enterprise PKI
The definition for a Public Key Infrastructures (PKI) varies among cyber security professionals, but is generally considered a collection of components that give everything an organization needs to issue and...
How to Issue a Certificate from a Microsoft CA Server
Now that we’ve learned passwords are not a secure form of authentication, organizations are implementing digital certificates, which provide stronger security and can be leveraged for more efficient network authentication....
A PKI is the Foundation for Zero Trust Network Security
The IT industry is evolving rapidly, with new technologies, devices, and systems introduced regularly. Organizations are regularly having to update and upgrade their environments regularly to keep up with the...
SolarWinds Compromise
Earlier this month, SolarWinds was breached by (who experts theorize to be) the hacker Russian organization, Cozy Bear. This attack has left 18,000 organizations potentially compromised with 250 of which...
Managed Certificate Authority Services
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates. These certificates cryptographically tie an identity to a public key, ensuring that individuals online...
Using Okta to Implement Zero Trust Network Access
Zero Trust is a cybersecurity concept that is being implemented by many security-conscious organizations to combat the external and internal threats they face. At its core, the purpose of Zero...
Can I Use Group Policy Objects with Azure?
As technology continues to migrate to cloud-based networking, many organizations have sought to take advantage of efficient cloud solutions. As a result, Microsoft-based organizations have been transitioning to Azure for...
How to Configure RADIUS with G-Suite (Google Workspace)
Google Suite, also known as Google Workspace is many people’s go to cloud-based productivity suite. While Google Suite is known for its ease of use, it’s credential-based authentication creates another...
Best Network Security Solutions for MSPs
Among small businesses that have been targeted by cyber-criminals, 70% were used as an entry point into a larger enterprise system they supply to. Nearly half (48%) of the cases...
How To Use Azure AD Conditional Access for a Zero Trust 802.1x Network
The standard method of thinking about network security is long overdue for an update. The usual “perimeter protection” approach consists of defining, and then controlling, a virtual boundary to make...
Does AD CS Work in the Cloud?
Digital certificates have taken over as the preferred method of network authentication because of their proven superiority to passwords in security and user experience. Many organizations recognize this and want...
How To Use Active Directory in the Cloud
Organizations are making the much-needed transition to cloud-based network solutions. To ease the transition, Microsoft created Azure Active Directory to aid clients in moving their directories from the on-premise Active...
Multi-Tenant Cloud PKI for MSPs
A PKI is a vital part of any comprehensive network security strategy and Managed Service Providers (MSPs) are aware of this. Currently, MSPs are under scrutiny as a number of...
Top 3 Tips on Configuring Policies in Active Directory Certificate Services
Active Directory Certificate Services (AD CS) is a Windows server software solution designed to issue x.509 digital certificates. Certificates have proven to be more secure and easier to use than...
TLS/SSL Encryption with Azure
Improving cyber security is crucial for organizations as one cyber attack could trigger the downfall and bankruptcy of an entire business. That’s why end-to-end encryption has become a network security...
Authenticating Guest Users for VPN with Azure AD B2B and SecureW2
Cross-organization collaboration can be tricky for the IT department because they need to make sure the partner’s security policies match their own, then create temporary guest user accounts and ensure...
Enable 802.1X For Guest Users with Azure AD B2B and SecureW2
Business-to-Business collaboration is essential for company growth. Thousands of companies have collaborated on projects to increase company value and spread risk. At the core of these collaborations is identity and...
Dynamic RADIUS VLAN Assignment for VPN
One quarter of all internet users in the world used a VPN in the last month to protect their identity privacy and their data privacy while accessing the internet. Are...
Can I Use Google With LDAP?
Google Suite, also known as Google Workspace, is many people’s go to cloud-based productivity suite. G-Suite is a collection of collaboration tools and software that organizations can use to increase...
Can I Replace LDAP/OpenLDAP with Azure?
OpenLDAP is a free, open-source LDAP server that is used and trusted by organizations around the world. Historically, OpenLDAP has been a good solution for directory services and has succeeded...
Best Cyber Security Practices for MSPs
Over 30 millions businesses have fewer than 1,000 employees and many don’t have the IT budget to provide effective network security. Managed Service Providers (MSP) are a godsend for small...
What is VLAN Steering?
The VLAN (Virtual Local Area Network) is an important tool in the IT toolbox. By emulating the properties of a Local Area Network, you can segment users into any number...
Securing VPN Authentication with RADIUS & MFA
Due to the Covid-19 pandemic, organizations all over the world have closed their offices and sent their employees home to work remotely. The mass exodus from the office to remote...
Top 3 Cybersecurity Concerns for MSPs
Managed service providers (MSPs) have been the focal point of a series of attacks that are starting to draw attention from the public. A study conducted by Vanson Bourne surveyed...
LDAP vs SAML, Access Protocol Comparison
LDAP and SAML are major authentication protocols that securely authenticate users to a network. They determine how users interact with a resource by connecting them to the respective directory services,...
AD DS: Explained
The purpose of online directories is to store resources on the network in a way that it’s simple to access. Microsoft’s Active Directory (AD) has risen through the ranks to...
Can I Use NPS with Cloud Directories?
The RADIUS protocol is used by thousands of organizations to protect their networks. Network admins set up RADIUS servers to verify approved network users, drastically reducing the risk of a...
Strong Network Security with Azure
Azure AD is a highly effective IDP that was built as a successor to Active Directory (AD) to accommodate newer, cloud-centric organizations. AD does not work natively in the cloud,...
What Is RADIUS Redundancy?
In all manner of security, redundancy is strength. It’s a way to ensure that no matter what goes wrong, there is a backup plan in action that can certify safety....
User Lookup With Certificate-Based Authentication
Traditionally, the process of authenticating certificates for network access is independent of the user directory. And in a normally-functioning network environment, this is perfectly acceptable. Certificate-based authentication is ironclad and...
What is Dynamic RADIUS?
SecureW2 is pleased to announce the invention of a whole new kind of AAA server – Dynamic (Cloud) RADIUS. It will revolutionize the way you authenticate users and enforce policies...
How to Issue GeoTrust Certificates
How to Issue GeoTrust Certificates to Devices GeoTrust is one of the world’s largest digital certificate providers with more than 100,000 customers in over 150 countries. GeoTrust offers a variety...
3 Security Advantages of a Cloud RADIUS Server
In order to successfully configure a WPA2-Enterprise network you must have a RADIUS server. The RADIUS authorizes and authenticates users signing into the network and eliminates any speculation into who...
Cloud vs. On-Prem RADIUS: Which is Better?
A requirement for all WPA2-Enterprise networks is the use of a RADIUS server. A vital part of the network, the function of a RADIUS is to authenticate the user and...
Using Digital Certificates on Yubikey
Yubikeys are an incredibly secure method of protecting yourself from data theft, but you’re probably not using them to their full potential. Natively, Yubikeys only support credential-based authentication through keypairs...
Efficient Device Onboarding for Higher Education
An important first task for incoming students is to connect to the secure network they will use for all their on-campus studies. If the process is less than smooth, the...
Introducing an MDM Solution for SMBs
A common trend for SMBs seen across many industries is opting into a MDM infrastructure to replace or supplement a BYOD policy. For many organizations, a MDM system offers a...
Credential Theft Threats Facing SMBs
Data and credential theft have become an increasingly prevalent concern for SMBs as more attackers choose to target them. It’s common to hear about large scale hacks, such as Target,...