How to Solve Common Certificate-Based Wi-Fi Authentication Issues in Intune
Certificate-based authentication has become the industry standard for securing Wi-Fi networks, especially with organizations moving toward stronger security and passwordless authentication. Microsoft Intune is one of the most widely used...
What is a PKI, and How Does It Help Secure Networks in an Organization?
Password breaches have impacted nearly every industry, from telecommunications to healthcare. As threat actors refine their attack methods, securing networks solely with passwords has become increasingly challenging. Organizations are transitioning...
What Are the EAP Method Requirements For WPA3-Enterprise?
The only EAP method allowed in WPA3-Enterprise 192-bit mode is EAP-TLS, which uses X.509 certificates for client and server-side authentication. No other EAP authentication types are permitted, since they lack...
Is RadSec Necessary if I Already Use EAP-TLS?
EAP-TLS is a powerful certificate-based authentication technique that has been extensively used due to its high security posture. It enables mutual authentication between the client and server and secures credentials...
Why is Mutual Authentication Important in Secure Communication?
Mutual authentication is important in secure communication because it is a process where both entities verify each other’s identities before establishing a connection. In a network environment, the client and...
What is the difference between TLS and EAP-TLS?
TLS and EAP-TLS might seem identical initially since they depend on encryption and certificate-based authentication. TLS and extensible authentication protocols-transfer layer security (EAP-TLS) are often discussed in network security. They...
Is EAP-TLS The Same as PEAP?
Extensible Authentication Protocol-Transport Layer Security (EAP-TLS ) and Protected Extensible Authentication Protocol (PEAP ) are both authentication protocols used in the 802.1x framework, but they are not the same. The...
What Is The Gold Standard Of Network Security?
Extensible Authentication Protocol-Transfer Layer Security (EAP-TLS) is considered the gold standard for network security. It allows digital certificates to be deployed on WPA2-Enterprise with 802.1X authentication. EAP-TLS uses asymmetric cryptography...
Best EAP Method to Configure a Secure WiFi Network
Extensible Authentication Protocol (EAP) is a strong security layer and authentication framework used in Wi-Fi networks. It provides various methods to verify the identities of users and devices before granting...
Everything You Need to Know About PEAP Security
Since most transactions and communication are done over networks today, the security of these networks can’t be overlooked. Securing your network connections has never been more critical, as the data...
Is EAP-TLS Safer than PEAP-MSCHAPv2 in 2024?
The short answer is: Yes. Organizations that are interested in moving from the unsecure PEAP-MSCHAPv2 protocol to the superior EAP-TLS protocol might be worried about huge infrastructure overhaul or the...
A Complete Guide to Intune 802.1x
The 802.1X standard provides secure authentication for users and devices looking to connect to wired and wireless networks. It uses an authentication server known as the RADIUS server that validates...
How to Configure Azure AD CBA
With the introduction of Azure AD CBA, Microsoft has taken steps to move past using passwords - and your organization can, too.
Attack Vectors That Leave Your 802.1X Network Vulnerable
When used correctly, 802.1X authentication is the gold standard for network security. However, even seasoned IT professionals fail to recognize some key points of attack. If they are left unchecked,...
Configure Okta Client Certificate Authentication
In this article, you can learn integrating digital certificates with one of the leading identity providers, Okta.
Guide: TLS Authentication and How It Works
The essence of Transport Layer Security (TLS) requires understanding two key concepts: encryption and authentication. While encryption ensures that the data transmitted between your browser and the web server is...
WEP vs. WPA vs WPA2- The Better Wifi Authentication
One key component of wireless security is encryption, which is the process of encoding data before it is transmitted over the air. Only authorized parties with the correct decryption key...
An Overview of Server Certificate Validation in Android 13
Integrating the capabilities of two leading operating systems, Android and Windows, have been a dream for most tech-savvy enthusiasts across the globe. Microsoft is going to offer this upgrade by...
Complete Guide to iOS 802.1X
Securely connecting iOS devices to a network can be a difficult task, especially since the Covid-19 pandemic sped up the inevitable rise of hybrid work environments. Network security must be...
What is TLS Encryption?
Transport Layer Security is a protocol that ensures privacy and data integrity between two communicating applications. It’s the most widely deployed security protocol used today and is incorporated into web...
Public Key Infrastructure- A High-Level Overview
Digital signatures are pivotal to cybersecurity. They offer a robust mechanism to verify the authenticity and integrity of a document or message. Imagine sending a handwritten letter; your signature assures...
Public vs Private Certificate Authority
Certificate authorities (CAs) play a critical role in securing digital communications and data exchange. Organizations must choose between public and private CAs based on their unique security requirements, use cases,...
Smart Cards for Identity Authentication and Access Security
Smart cards, occasionally called chip cards or integrated circuit cards (IC or ICC), are a broad family of physical electronic authentication devices. More practically, they’re physically-secured microprocessors used to control...
How to Enable Windows Machine Certificate Authentication
Whether you use Windows, macOS, or any other operating system, deploying digital certificates for your device can be the most impactful step to strengthening your network security. Digital certificates use...
What’s the Difference between RADIUS, TLS, and EAP-TLS?
There are many components involved in running a secure network. It’s very easy to get bogged down by different terminology and be confused about what exactly each component does. This...
Active Directory Certificate Services (AD CS): Explained
There are many components involved in running a certificate-based network. You need to establish trusted servers and certificate authorities (CA), make sure devices can enroll for certificates, authenticate users, manage...
PEAP-MSCHAPv2 Vulnerability Allows For Credential Theft
In 2013, Microsoft released a report of a known security vulnerability present within Wi-Fi authentication. The 802.1x authentication protocol known as PEAP-MSCHAPv2, a widely supported standard, can be exploited to...
[Solved] Wi-Fi Security Certificate Error
Functioning in the current world would be virtually impossible without access to wireless internet or Wi-Fi. Wi-Fi is used by people all over the world for everything from entertainment to...
EAP-TLS vs. EAP-TTLS/PAP
Choosing the right authentication protocol is more than a matter of security. Authentication is the critical check ensuring only rightful users can access certain data or networks. The decision between...
Complete Guide to MacOS 802.1X
Implementing robust authentication protocols is paramount in today’s hyper-connected digital environment, where data security and network integrity are paramount. MacOS 802.1X authentication stands out among these protocols as a crucial...
802.1X EAP-TLS Authentication Flow Explained
For many organizations, the IEEE 802.1X authentication mechanism for Port-Based Network Access Control is the first line of defense against outside attack. It’s also one of the most commonly targeted...
Server Certificate Validation with Android 12 Devices
Cyber-attacks have grown stronger over the years and are able to easily bypass the rudimentary security standards provided by the username/password mechanism. If an organization relies on passwords for network...
EAP-TLS vs. PEAP-MSCHAPv2: Which Authentication Protocol is Superior?
Ensuring network users are able to securely authenticate to the wireless network is paramount to the overall safety and security of your organization. So many attacks are aimed at exploiting...
How to Manage Certificates with Intune (MEM Intune)
Network administrators often feel certificate management to be challenging at times, especially in finding the right PKI for certificate deployment. They either end up paying for a pricey PKI...
How Does Wi-Fi Certificate Authentication Work?
Wireless network security is of the utmost importance in the rapidly evolving digital world. Wi-Fi certificate authentication has become a vital option that not only makes networks safer but also...
How to Use IEEE 802.1x Authentication for a Wired or a Wireless Network
IEEE 802.1x authentication is a standard for port-based network access control. It essentially requires devices to authenticate themselves before gaining access to network resources. This standard is versatile, working seamlessly...
A Deep Dive into PKI Certificates
Corporate data, social media pages, applications, and user data are crucial assets of an organization, and any theft or misuse of these could lead to huge financial losses. They not...
What is WPA Authentication?
The ubiquity of Wi-Fi networks in today’s world has made them popular targets for cyberattacks, especially if they rely on vulnerable mechanisms like passwords. In a 2021 study, security researchers...
LEAP Authentication and How It Works
Wi-Fi connection integrity is critical for organizations securing sensitive data or individuals protecting personal information. This requirement has created many authentication methods, each attempting to balance usability and security. LEAP...
2024 Security Analysis of PEAP-MSCHAPv2
These days, wired and wireless (Wi-Fi) networks are ubiquitous. Organizations need these connections to perform critical business functions, but these connections are susceptible to various ever-evolving cyber threats. As a...
How to Authenticate to VPN with EAP-TLS
In today’s world, VPNs (Virtual Private Networks) are very important for individuals and small and large-scale business owners. However, utilizing a VPN can be tricky due to some common difficulties...
A Comprehensive Guide to the EAP Protocol in Networking
Network security is crucial in the modern digital world, where wireless communication is commonplace. Security risks such as unauthorized access, data eavesdropping, and network breaches can affect wireless networks. Because...
WPA3 vs WPA2: What’s the Difference?
The standards used to protect wireless/Wi-Fi networks have evolved over the years to keep up with emerging threats and protect sensitive data. WPA2 and WPA3 are some of the more...
Kandji Enterprise Wi-Fi Profile Settings Guide
With a focus on centralized control of Apple devices, Kandji stands out as an innovative leader in modern enterprise management. IT managers can easily automate device deployment, enforce security policies,...
802.1X Port Security Simplified
Did you know that the cost of data breaches reached a whopping $4.35 million in 2022? Data breaches cost organizations a lot in penalties and lost business opportunities. Almost 68%...
Identifying Network Issues with 802.1X
Open SSIDs don't offer the degree of troubleshooting visibility 802.1X does. Here's how 802.1X helps you troubleshoot network issues.
Cloud RADIUS for Wi-Fi Authentication
A survey found that 74% of IT decision-makers whose organizations have been breached in the past say it involved privileged access credential abuse. While Wi-Fi revolutionized networking during the transition from...
Best Practices for Enrolling Users for WPA2-Enterprise
Wifi is essential in daily life and is critical for any business today. At home, we use a single static password to protect your wifi. This security is called WPA2-Personal....
FreeRADIUS vs. Jumpcloud
As technology progresses, hackers have constantly upgraded their modes of attack, which include social engineering techniques to compromise the network space of an organization. Here’s a recent incident of a...
Foxpass RADIUS vs. Jumpcloud RaaS
Network authentication has evolved in lockstep with the development of software over the years. The networking protocols considered secure just a few years back have not withstood the test of...
This Security Flaw is Preventing Organizations from Switching to Azure AD
The migration from on-premise to cloud-based network infrastructure is becoming more and more common. With better security, scalability, and user experience, the benefits of the cloud cannot be denied. For...
Should I Bind Non-Windows Devices to Active Directory?
Digital certificates are starting to take over as the preferred method of network authentication because of their proven superiority to passwords in security and user experience. Many organizations are wanting...
I Have Active Directory, How do I Move to the Cloud?
It’s no secret that organizations are making the transition to cloud-based network environments. This is especially true considering the dramatic increase in remote work due to the global pandemic. Network...
MacOS Smart Card Services
Smart Card usage has been on the rise for a variety of different reasons, but undoubtedly the most prominent is for their identity management capabilities. Cybersecurity-oriented organizations are taking advantage...
Private Key Attestation on macOS
Key attestation is a necessary part of creating valid X.509 digital certificates. Asymmetric cryptography requires that the client be able to prove its identity by attesting to the secure creation...
The NPS Extension for Cloud Authentication
Authentication security is an incredibly diverse field with countless options for organizations to choose from. How to authenticate your users to a secure network is a difficult decision to make...
YubiKey Automatic Programming Software (Works with PIV)
YubiKeys are an easy way to significantly improve authentication security and, with digital certificates, can even provide a high degree of identity assurance. However, the native Yubikey configuration and personalization...
How To Properly Delete a Certificate Authority
Securing communications via digital certificates is among the most secure processes used by organizations today. The use of public key cryptography makes certificates uncrackable and can be used to protect...
The Best Private CA / PKI Service
The use of certificates for network security is rapidly increasing due to their superiority over all other authentication methods. They’re incredibly versatile and can enable authentication customization that far surpasses...
What is a AWS Private CA?
Private certificate authorities (CA), also known as enterprise CAs, are CAs specifically meant for internal use. They are self-hosted and therefore not trusted externally. The usual use cases come from...
How to Issue a Certificate from a Microsoft CA Server
Now that we’ve learned passwords are not a secure form of authentication, organizations are implementing digital certificates, which provide stronger security and can be leveraged for more efficient network authentication....
Running PKI-as-a-Service
Creating and operating a certificate-based network is no simple task. Without a highly knowledgeable staff that is well-versed in certificate management, an organization can get bogged down in integration, configuration,...
Maximizing an Internal Windows Certificate Authority
Maintaining a secure network that is easily accessible for users within an organization is more difficult than ever. As cybersecurity technologies improve to address current threats, malicious attackers continue to...
Managing an Internal CA
When considering the failures of credential-based authentication, it’s no surprise that many security-conscious organizations have been upgrading to certificates for authentication. One of the benefits of certificates is the flexibility...
How to Configure RADIUS with G-Suite (Google Workspace)
Google Suite, also known as Google Workspace is many people’s go to cloud-based productivity suite. While Google Suite is known for its ease of use, it’s credential-based authentication creates another...
Best Network Security Solutions for MSPs
Among small businesses that have been targeted by cyber-criminals, 70% were used as an entry point into a larger enterprise system they supply to. Nearly half (48%) of the cases...
Configuring FreeRADIUS for EAP-TLS Authentication
FreeRADIUS is one of the most widely used RADIUS authentication providers, with customers ranging from top enterprises to universities. While FreeRADIUS is certainly an effective authentication tool, cybersecurity hinges on...
Does AD CS Work in the Cloud?
Digital certificates have taken over as the preferred method of network authentication because of their proven superiority to passwords in security and user experience. Many organizations recognize this and want...
PKI for Microsoft GPO
Microsoft’s Group Policy Object (GPO) is a useful tool to allow administrators to control the level of access for users on the network. In addition to providing strong security from...
How To Use Active Directory in the Cloud
Organizations are making the much-needed transition to cloud-based network solutions. To ease the transition, Microsoft created Azure Active Directory to aid clients in moving their directories from the on-premise Active...
TLS/SSL Encryption with Azure
Improving cyber security is crucial for organizations as one cyber attack could trigger the downfall and bankruptcy of an entire business. That’s why end-to-end encryption has become a network security...
Authenticating Guest Users for VPN with Azure AD B2B and SecureW2
Cross-organization collaboration can be tricky for the IT department because they need to make sure the partner’s security policies match their own, then create temporary guest user accounts and ensure...
Enable 802.1X For Guest Users with Azure AD B2B and SecureW2
Business-to-Business collaboration is essential for company growth. Thousands of companies have collaborated on projects to increase company value and spread risk. At the core of these collaborations is identity and...
Dynamic RADIUS VLAN Assignment for VPN
One quarter of all internet users in the world used a VPN in the last month to protect their identity privacy and their data privacy while accessing the internet. Are...
Best Cyber Security Practices for MSPs
Over 30 millions businesses have fewer than 1,000 employees and many don’t have the IT budget to provide effective network security. Managed Service Providers (MSP) are a godsend for small...
What is VLAN Steering?
The VLAN (Virtual Local Area Network) is an important tool in the IT toolbox. By emulating the properties of a Local Area Network, you can segment users into any number...
Securing VPN Authentication with RADIUS & MFA
Due to the Covid-19 pandemic, organizations all over the world have closed their offices and sent their employees home to work remotely. The mass exodus from the office to remote...
AD DS: Explained
The purpose of online directories is to store resources on the network in a way that it’s simple to access. Microsoft’s Active Directory (AD) has risen through the ranks to...
Multi-Factor Authentication for Okta VPN
When it comes to authentication security, one of the simplest upgrades you can make that will drastically improve your network’s safety is to implement Multi-Factor Authentication (MFA). Simply put, MFA...
User Lookup With Certificate-Based Authentication
Traditionally, the process of authenticating certificates for network access is independent of the user directory. And in a normally-functioning network environment, this is perfectly acceptable. Certificate-based authentication is ironclad and...
The Importance of Authentication Security
Authentication acts as the first line of defense to allow access to valuable data only to those who are approved by the organization. Many organizations recognize this and utilize Multi-Factor...
802.1x Without Active Directory
802.1X is the de facto gold standard that organizations should strive for when it comes to authentication; it’s safe, secure, and efficient, especially when combined with certificates. However, setting up...
Enabling Double Encryption for Zscaler with SecureW2’s PKI
Double encryption adds an extra layer of security to ensure that the connections between the Z App, Connectors, and ZPA ZENs stay protected. Although Zscaler already comes with a layer...
Can I Use Passpoint with Microsoft Azure?
The best way to ensure roaming internet access for employees is by deploying Passpoint. Whether you just need to be covered across campus or want to extend your network to...
3 Best Practices for Onboarding BYODs
Bring Your Own Device (BYOD) systems can be an amazing tool for businesses or schools looking to increase productivity and reduce cost. According to a study by Forbes, 42 percent...
Why Most Are Leaving LDAP With WPA2-Enterprise Behind
For years, the credential-based network authentication standard was the Lightweight Directory Access Protocol (LDAP). The security and efficiency offered by LDAP provided the necessary protection levels for everyday WPA2-Enterprise operations....
It’s Time For SHA-1 Hash To End
SHA-1 is a commonly used cryptographic hash algorithm that has been used for nearly 2 decades to secure online communications. It was originally designed for government use, but an exploit...
Combating Burnout in Cybersecurity
Cybersecurity professionals are highly sought-after individuals that add an immense amount of value to an organization, but that value can be difficult to pin down in terms of dollars. As...
Top 3 PEAP-MSCHAPv2 Mistakes Made by Universities
Credential-based authentication with PEAP-MSCHAPv2 is still commonly used, and for some network types it is appropriate. A home network or a small coffee shop offering free wireless can benefit from...
Best Practices For IoT Security
The explosion of Internet of Things devices (IoT) onto the technology market has revolutionized how businesses operate. The endless possible applications of these incredibly diverse devices has led to a...
Update Your Browser to TLS 1.2 to Support 802.1x WPA2-Enterprise
Organizations should be aware of an important update to TLS. TLS 1.2 is the most recent update that builds on top of TLS 1.0 and TLS 1.1 to increase network...
Using Digital Certificates on Yubikey
Yubikeys are an incredibly secure method of protecting yourself from data theft, but you’re probably not using them to their full potential. Natively, Yubikeys only support credential-based authentication through keypairs...
Addressing Credential Theft Threats From Every Angle
The looming threat of a data breach has influenced many organizations to step up the security protecting their wireless network. Organizations with personnel files, financial information, and other types of...