How to Create a Cloud-Based RADIUS Server
In order to successfully configure a WPA2-Enterprise network, a RADIUS server is a must. The RADIUS authorizes and authenticates users signing into the network and eliminates any speculation into who...
When Static Trust Becomes a Backdoor: Lessons from the 2025 SharePoint ToolShell Exploit
In July 2025, a widely exploited zero-day vulnerability, CVE-2025-53770 & 53771, named ToolShell, hit on-premises Microsoft SharePoint Server systems, triggering a large-scale compromise. The ToolShell exploit gave attackers unauthenticated remote...
Can I Use Azure With A RADIUS Server?
Organizations worldwide are making the transition to cloud-based network solutions. To ease the transition, Microsoft created Entra to aid clients in moving their directories from on-premise Active Directory (AD) to...
An Overview Of Passpoint In Network Infrastructure
Wi-Fi access has evolved from the manual selection of Service Set Identifiers (SSIDs) to the automated, secure connectivity of Passpoint. Initially, users had to browse a list of available SSIDs,...
Drawbacks of NPS in a Cloud Environment
Organizations want different technologies to work well together and integrate smoothly so they can be used more efficiently. The combination of Microsoft Azure and Network Policy Server (NPS) frequently generates...
How to Use Active Directory Set-up For Wi-Fi and CloudRADIUS
Organizations that leverage Microsoft Active Directory (AD) often want to connect their core user identities to their Wi-Fi network. The goal is to enable users to authenticate uniquely to the...
What Is RADIUS Certificate-Based Authentication?
As cyber security risks increase and secure access to network resources is required, organizations are adopting different authentication methods. RADIUS certificate-based authentication is one of those methods that increase the...
What is Microsoft NPS?
In an era dominated by cloud-centric solutions, Microsoft NPS sets out as an on-premise network security tool for Windows Server. Its primary goal is centralizing network regulations, user identities, and...
FreeRADIUS vs. Cisco ISE
Cyber-attacks cost small businesses an average of $84,000 to $148,000, and 60% of those attacked go out of business in 6 months. As organizations continue to grow, it becomes more...
Device-Based vs User-Based RADIUS Lookup
If all the users in your network fit into one single group, RADIUS authentication would be simple. Alas, things aren’t that easy; administrators often find themselves needing to specifically distinguish...
Passwords vs. Digital Certificates For RADIUS Authentication
Businesses understand the importance of passwords for private data security but might not realize that using a network with passwords poses many security threats. As hacking techniques become more advanced,...
Configure RADIUS on Windows Server 2008
The name RADIUS needs no introduction whenever you imagine a wired or wireless authentication server. Commonly referred to as AAA servers, RADIUS performs the core task of Authentication, Accounting, and...
RADIUS Server Authentication: Explained
A RADIUS server prevents unauthorized access to your network - and, thanks to services like Cloud RADIUS, this powerful authentication tool is more accessible than ever.
Is there an Alternative to Windows NPS?
Microsoft’s Network Policy Server (NPS) is a AAA RADIUS server used for a number of different types of network connections. It can be used for wireless authentication, VPN connections, dial-up,...
Windows RADIUS Server Pros and Cons
There are thousands of deployed instances of Windows RADIUS Server across the world, but users still debate its capabilities to keep their large networks intact and secure, giving rise to...
Enabling RADIUS MAC Auth Bypass for IoT
Enabling RADIUS MAC Auth Bypass for IoT devices can alleviate cyber threats and help improve your network security. Here's How
Troubleshoot Okta RADIUS Internal Server Error
Okta is one of the leading Identity and Access Management (IAM) service providers for enterprises around the globe. They provide a great user experience, but sometimes you might encounter some...
The Best Cloud RADIUS Server For Authentication
Due to the COVID-19 pandemic, employees are working from home now more than ever before. According to a Stanford study, an incredible 42 percent of the U.S. labor force now...
Configure Microsoft GPO with RADIUS Authentication
Integrating Microsoft’s Group Policy Object (GPO) with RADIUS authentication effectively improves network security and access control. GPO enables administrators to apply policy settings for specific user groups, ensuring that individuals...
Can I Set Up Microsoft NPS in the Cloud?
Microsoft Network Policy Server (NPS) is Microsoft’s AAA RADIUS server. It authorizes and authenticates users and devices for network connections. NPS is an on-premise RADIUS server and uses the Active...
Can you Authenticate RADIUS with YubiKeys?
As YubiKeys achieve widespread adoption, the industry keeps finding more and more uses for the powerful little device. One of the more interesting use cases for YubiKey is AAA/RADIUS authentication....
Do RADIUS Servers use AD?
Do you know what facilitated back-office IT functions for any business twenty years ago? It was Active Directory, Microsoft’s user directory system. Because Active Directory simplified the task for organizations to...
How AAA Servers Work
WPA2-Personal is common in homes and cafes – a security type requiring a preshared key (PSK). But some networks cannot be secured with a password, they want a username and...
The History of RADIUS Authentication Protocol: IEEE 802.1X
The Internet has been one of our most transformative and fast-evolving technologies. According to Satista.com, the internet user base increased from 413 million in 2000 to nearly 4.9 billion in...
How To Solve the NPS Error Code 66 in Meraki?
The RADIUS server plays a vital role in the authentication within a network infrastructure. NPS (Network Policy Server) is Microsoft’s own RADIUS solution that performs a similar role of filtering...
What’s the Difference between RADIUS, TLS, and EAP-TLS?
There are many components involved in running a secure network. It’s very easy to get bogged down by different terminology and be confused about what exactly each component does. This...
FreeRADIUS with Google LDAP: How Does it Work?
Is an authentication system built around FreeRADIUS with Google LDAP more economical? Learn the truth about this setup here.
How To Enable RADIUS CBA On Google Workspace?
If the cybersecurity community could be compared to a court, the jury has reached its verdict: it’s time to move past outdated pre-shared keys as a means to network authentication....
An Overview Of RADIUS Certificate-based Authentication
With an increasing number of cybersecurity risks and the necessity for secured access to network resources, organizations are implementing various authentication methods. RADIUS certificate-based authentication is one of these techniques,...
How To Configure 802.1X for Ubiquiti UniFi
In an era where network infrastructures must run smoothly, protecting sensitive data and securing connections is crucial. Ubiquiti UniFi is a market leader in networking solutions, providing a dependable and...
How to Resolve NPS Reason Code 22
Remote Authentication Dial-in User Service (RADIUS) is integral to network infrastructure, especially for authentication, authorization, and accounting (AAA) purposes. NPS (Network Policy Server) is Microsoft’s RADIUS server, replacing its age-old...
Why You Shouldn’t Use NPS with Azure AD (Microsoft Entra ID)
Since cloud-based solutions are becoming the norm today, knowing how different identity and access management tools work together and what they do is important. This article details Microsoft NPS (Network...
What is NAS-ID?
The Network Access Server (NAS) is the frontline of authentication – it’s the first server that fields network authentication requests before they pass through to the RADIUS. The NAS Identifier...
How to Configure RADIUS on Windows 2016: A Detailed Guide
A WPA-2 Enterprise network is incomplete without a RADIUS server, thanks to its triple role of Authentication, Accounting, and Authorization (AAA). Any robust network security demands all three functions for...
RADIUS Events Logs: How to View and Access Them
RADIUS servers are often called AAA (authentication, authorization and accounting) servers because they perform each of those three functions. Accounting – which refers to the process of tracking events as...
A Complete Guide to Configuring RADIUS on Windows 2019
The term “RADIUS server” will probably be mentioned at some point in any conversation regarding wired or wireless authentication. Within a WPA-2 Enterprise network, RADIUS (also referred to as a...
A Complete Guide to Configuring Microsoft RADIUS Server
Need a solution for your network authentication, authorization, and accounting (AAA) requirements? RADIUS has been around for decades, used by thousands of organizations. Without a RADIUS server, authentication would have...
RADIUS Accounting Best Practices
RADIUS is a crucial networking protocol best known for centralized authentication, authorization, and accounting (AAA) administration. The final “A” in AAA signifies accounting, a fundamental aspect of network management. Network...
AAA Server Best Practices
An AAA server processes user requests for access to computer resources and provides an organization’s authentication, authorization, and accounting (AAA) services. The AAA server typically interacts with network access, gateway...
How to Use IEEE 802.1x Authentication for a Wired or a Wireless Network
IEEE 802.1x authentication is a standard for port-based network access control. It essentially requires devices to authenticate themselves before gaining access to network resources. This standard is versatile, working seamlessly...
How to Set Up AD CS PKI Certificates with Jamf
As credential-based authentication becomes increasingly insecure, many organizations see the benefit of moving to passwordless security methods such as digital certificates. Implementing certificates, however, requires the implementation of a Public...
What is Port-Based Network Access Control (PNAC)?
Network security is one of the important factors for organizations of different sizes. As cyber threats evolve, authorized access to network devices and critical resources becomes very important. Port-Based Network...
How to Monitor Network Traffic: Best Tips for IT Pros
Network traffic monitoring is essential for IT professionals to protect the company’s environment against potential vulnerabilities. It tracks data movement across different networks, ensures the network operates efficiently and identifies...
How to Configure 802.1x Printer Authentication?
When organizations establish their IT infrastructure, it’s essential to protect it, including network-connected devices and wired and wireless access points. Printers often fly under the radar among these devices regarding...
LEAP Authentication and How It Works
Wi-Fi connection integrity is critical for organizations securing sensitive data or individuals protecting personal information. This requirement has created many authentication methods, each attempting to balance usability and security. LEAP...
How to Authenticate to VPN with EAP-TLS
In today’s world, VPNs (Virtual Private Networks) are very important for individuals and small and large-scale business owners. However, utilizing a VPN can be tricky due to some common difficulties...
A Comprehensive Guide to the EAP Protocol in Networking
Network security is crucial in the modern digital world, where wireless communication is commonplace. Security risks such as unauthorized access, data eavesdropping, and network breaches can affect wireless networks. Because...
WPA3 vs WPA2: What’s the Difference?
The standards used to protect wireless/Wi-Fi networks have evolved over the years to keep up with emerging threats and protect sensitive data. WPA2 and WPA3 are some of the more...
What is a Jamf Push Certificate?
Do you use Apple devices in your work infrastructure? Then you’ve probably heard of Jamf. Jamf Pro is one of the most robust and feature-dense solutions for managing Apple devices....
What is Secure Sockets Layer (SSL)?
Security over the internet has drastically improved in the few decades that the internet has been widely available. The average user doesn’t realize how much goes on behind the scenes...
Simple, Practical Security Guidance for AD CS
In 2008, Microsoft released the Active Directory Certificate Services(AD CS) feature to allow Administrators to manage their own Public Key Infrastructure and their Remote Authentication Dial-In User Service(RADIUS). This paved...
TLS (Transport Layer Security) Explained: Why TLS 1.3 is the New Standard
Transport Layer Security (TLS) is the backbone of secure online communications. From securing a bank transaction, sending an encrypted email via S/MIME, or protecting an authentication attempt into a corporate...
Overview of LDAP For Today’s Cloud Environment
Lightweight Directory Access Protocol (LDAP) is an integral component of digital identity frameworks, providing an open and cross-platform protocol used for directory service authentication. It provides a systematic method for...
Jamf RADIUS Server Best Practices
For small and medium-sized enterprises, coordinating employees’ iPhone, iPad, and Mac devices may distract you from your primary responsibilities. Jamf assists businesses in addressing this issue. The affordable cloud-based solution...
Securely Eliminate MFA with Azure AD CBA
Hackers acquired the personal data of over 37 million T-Mobile users, including names, dates of birth, Social Security numbers, and driver’s license information, in a recent incident that featured a...
Using Certificates for Granular Application Access with Microsoft Defender
The cloud presents an enticing opportunity for businesses – it makes important resources available anywhere, allows them to offshore the cost of storage, and can even save them on hardware...
Microsoft Network Device Enrollment Service: Do You Need It?
In this article, we will discuss NDES, its importance in network security, and its benefits for managing devices in an enterprise environment.
Implement Microsoft Passwordless Authentication With Azure AD CBA
In this article, we’ll cover precisely what Microsoft Authenticator App is and how you can quickly onboard to digital certificates.
How to Improve Device Identity Context for Network Security
Protect your network from security breach by getting more visibility over your unmanaged and BYOD devices. Device Identity Context can help you improve network security. Continue reading to know more.
How Digital Certificates Enable Secure Single Sign-On (SSO)
Users in an organization typically need access to many applications to assign and complete their tasks, access email, write code and communicate with each other. Multiple apps require multiple sets...
Configure Client Certificate Authentication with OneLogin
Configure Client Certificate Authentication on OneLogin and enforce Zero Trust Policy and make your network secure.
Configure Client Certificate Authentication with Ping
As many organizations shift to the digital mode in the post-pandemic era, there is an exponential increase in cloud-based network solutions. Surprisingly, numerous cutting-edge wireless technologies, such as 5G, virtual...
JAMF vs. Kandji: Apple MDMs compared
Read and compare JAMF and Kandji as Apple MDM solutions here.
IAM vs PAM
IAM and PAM explained and how the right implementation of the two solution can help make your network security secure from cyberattacks
Google Cloud Certificate Authorities Service Alternative
The digital world has been on a growth spurt for the past few years as more and more devices have come into being. An average user has at least two...
Best Practices for Enrolling Users for WPA2-Enterprise
Wifi is essential in daily life and is critical for any business today. At home, we use a single static password to protect your wifi. This security is called WPA2-Personal....
FreeRADIUS vs. Jumpcloud
As technology progresses, hackers have constantly upgraded their modes of attack, which include social engineering techniques to compromise the network space of an organization. Here’s a recent incident of a...
HIPAA Compliant Wireless 802.1X
The Health Insurance Portability and Accountability Act (HIPAA) has impacted the way healthcare organizations operate since its introduction in 1996. Its goal, ultimately, was to protect patient data by imposing...
The Anatomy Of An X.509 Digital Certificate
Digital certificates are frequently used in the online world as a means of identification. The information embedded in the certificates lets anyone verify the identity of an entity with the...
Code Signing with Digital Certificates: Explained
Imagine you’re installing an application and a pop-up like the screenshot above comes up. How can you be sure that the application you’re about to download is really safe? The...
This Security Flaw is Preventing Organizations from Switching to Azure AD
The migration from on-premise to cloud-based network infrastructure is becoming more and more common. With better security, scalability, and user experience, the benefits of the cloud cannot be denied. For...
Top 3 Tips for Enrolling Chromebooks with AD CS
There has been a huge increase in the use of wireless devices to connect to organization’s secure networks and it’s created a new security challenge for network admins. Securely connecting...
Cloud-Hosted LDAP is Vulnerable with Credentials
Organizations are always looking for a new strategy to increase the convenience of using their network without compromising security. As a result, many have sought out cloud solutions. Read here...
Can I Use Google Secure LDAP for Wi-Fi?
LDAP’s importance cannot be denied. As a protocol, it has greatly simplified the directory search process. Unfortunately, as time goes on, LDAP has begun to grow outdated, especially given its...
What Is Certificate Management?
When considering the importance of authentication security and establishing device trust to protect your network, it’s no wonder organizations are moving away from credentials in droves. A solution that many...
How to Address MAC Randomization for Cloud Networks
Mac Address Randomization is an increasing trend among device manufacturers that are quickly becoming the industry standard. While it can help in reducing the risks of data breaches and spying...
Is Okta A RADIUS Server?
A RADIUS server operates through connecting to a central database to inform who is allowed to connect to your network. It is a simple and easy-to-configure authentication solution that cannot...
How to Deploy Okta Device Trust on Windows
Device Trust is a concept in cybersecurity with a relatively simple premise; if a device can prove its identity, it can be trusted to have greater access to resources. If...
What is the Android Trusted Credentials Store?
Similar to Windows and macOS, Android devices need a system in place in order to determine if a certificate issued by a particular Certificate Authority (CA) is trusted. How does...
The NPS Extension for Cloud Authentication
Authentication security is an incredibly diverse field with countless options for organizations to choose from. How to authenticate your users to a secure network is a difficult decision to make...
How To Use Google Wi-Fi Without Active Directory and NPS?
While technology changes rapidly, one constant is the use of Google and its spread across all facets of business technology. But how people connect to Google services and how they...
Assigning Network Access Policies Based On SSID
Using network access policies to segment users into VLANs with appropriate permissions is a core part of every organization’s identity and access management (IAM) strategy. More options to customize access...
How to Secure 802.1X for Remote Workers
Though remote work wasn’t started by the Covid-19 pandemic, it has increased drastically to the point that working from home will be commonplace for many workers. Unfortunately that leaves organizations...
How To Properly Delete a Certificate Authority
Securing communications via digital certificates is among the most secure processes used by organizations today. The use of public key cryptography makes certificates uncrackable and can be used to protect...
What is OpenXPKI?
Deploying digital certificates for internal and external use is a growing trend throughout countless industries. Of course, as more people convert to using certificates, they find that using the proper...
What is a AWS Private CA?
Private certificate authorities (CA), also known as enterprise CAs, are CAs specifically meant for internal use. They are self-hosted and therefore not trusted externally. The usual use cases come from...
What is Certificate Revocation?
The average number of certificates an organization needs to manage grew 43 percent in 2020, so having a good certificate management system is paramount to success for any enterprise. SecureW2’s...
How to Setup Microsoft Enterprise PKI
The definition for a Public Key Infrastructures (PKI) varies among cyber security professionals, but is generally considered a collection of components that give everything an organization needs to issue and...
Running PKI-as-a-Service
Creating and operating a certificate-based network is no simple task. Without a highly knowledgeable staff that is well-versed in certificate management, an organization can get bogged down in integration, configuration,...
SolarWinds Compromise
Earlier this month, SolarWinds was breached by (who experts theorize to be) the hacker Russian organization, Cozy Bear. This attack has left 18,000 organizations potentially compromised with 250 of which...
Managing an Internal CA
When considering the failures of credential-based authentication, it’s no surprise that many security-conscious organizations have been upgrading to certificates for authentication. One of the benefits of certificates is the flexibility...
How to Configure Azure AD Attributes on Certificates
Attribute mapping in Azure AD (Microsoft Entra ID) is easier than you might think. With a simple SAML application, you can use customizable Azure attributes to enforce dynamic policy options...
Using Okta to Implement Zero Trust Network Access
Zero Trust is a cybersecurity concept that is being implemented by many security-conscious organizations to combat the external and internal threats they face. At its core, the purpose of Zero...
Can I Use Group Policy Objects with Azure?
As technology continues to migrate to cloud-based networking, many organizations have sought to take advantage of efficient cloud solutions. As a result, Microsoft-based organizations have been transitioning to Azure for...
What is a Microsoft Certificate Authority?
What is a Certificate Authority? A certificate authority (CA) is an entity that distributes digital certificates to devices. They assist in validating the identities of websites, individuals, and devices before...
How to Configure RADIUS with G-Suite (Google Workspace)
Google Suite, also known as Google Workspace is many people’s go to cloud-based productivity suite. While Google Suite is known for its ease of use, it’s credential-based authentication creates another...
G Suite + FreeRADIUS for WiFi Authentication
IT experts are stressing network security now more than ever, especially considering the massive amount of revenue loss that can occur with a security breach and how 10 million attacks...
Configuring FreeRADIUS for EAP-TLS Authentication
FreeRADIUS is one of the most widely used RADIUS authentication providers, with customers ranging from top enterprises to universities. While FreeRADIUS is certainly an effective authentication tool, cybersecurity hinges on...
How To Use Active Directory in the Cloud
Organizations are making the much-needed transition to cloud-based network solutions. To ease the transition, Microsoft created Azure Active Directory to aid clients in moving their directories from the on-premise Active...
Multi-Tenant Cloud PKI for MSPs
A PKI is a vital part of any comprehensive network security strategy and Managed Service Providers (MSPs) are aware of this. Currently, MSPs are under scrutiny as a number of...
Authenticating Guest Users for VPN with Azure AD B2B and SecureW2
Cross-organization collaboration can be tricky for the IT department because they need to make sure the partner’s security policies match their own, then create temporary guest user accounts and ensure...
Managed PKI Solutions for Active Directory Certificate Services
Investing in a Public Key Infrastructure (PKI) for your 802.1x network is the single best decision you can make to improve your network. The hardened security and improved user experience...
Dynamic RADIUS VLAN Assignment for VPN
One quarter of all internet users in the world used a VPN in the last month to protect their identity privacy and their data privacy while accessing the internet. Are...
Can I Use Google With LDAP?
Google Suite, also known as Google Workspace, is many people’s go to cloud-based productivity suite. G-Suite is a collection of collaboration tools and software that organizations can use to increase...
Can I Replace LDAP/OpenLDAP with Azure?
OpenLDAP is a free, open-source LDAP server that is used and trusted by organizations around the world. Historically, OpenLDAP has been a good solution for directory services and has succeeded...
What is VLAN Steering?
The VLAN (Virtual Local Area Network) is an important tool in the IT toolbox. By emulating the properties of a Local Area Network, you can segment users into any number...
Securing VPN Authentication with RADIUS & MFA
Due to the Covid-19 pandemic, organizations all over the world have closed their offices and sent their employees home to work remotely. The mass exodus from the office to remote...
Dynamic RADIUS Policy Enforcement with Static Certificates
Certificate-based WPA2-Enterprise networks are extremely secure, but x.509 digital certificates can be a hassle to manage. Although SecureW2 has one of the best certificate management platforms in the industry, we’re...
What is Dynamic RADIUS?
SecureW2 is pleased to announce the invention of a whole new kind of AAA server – Dynamic (Cloud) RADIUS. It will revolutionize the way you authenticate users and enforce policies...
Shared Hosted RADIUS for Managed Service Providers
It’s widely accepted that using a RADIUS server for network authentication is the most secure method, but there’s a significant number of organizations for which RADIUS isn’t feasible. SecureW2 has...
The Importance of Authentication Security
Authentication acts as the first line of defense to allow access to valuable data only to those who are approved by the organization. Many organizations recognize this and utilize Multi-Factor...
Enabling 802.1x with AD CS
Keeping your network secure from unwanted intruders is increasingly difficult with the advancements in technology. It’s relatively easy for malicious actors to obtain network access and steal all the data...
How to Set Up RADIUS Authentication with Okta
As the internet continues its trend toward ubiquity, the dangers of lackluster network security have become increasingly apparent. With 10 million attacks targeting usernames and passwords occur every day it’s...
802.1x Without Active Directory
802.1X is the de facto gold standard that organizations should strive for when it comes to authentication; it’s safe, secure, and efficient, especially when combined with certificates. However, setting up...
How to Automate Certificate Management and Provisioning
One of the biggest hurdles in certificate management is the lack of experience in finding the proper certificate management solutions. Often, administrators are of the notion that their only option...
Can I Use The Okta RADIUS Agent For My Wi-Fi?
An Okta RADIUS server agent is a lightweight program that runs as a service outside of Okta. It is usually installed outside of a firewall which gives Okta a route...
3 Security Advantages of a Cloud RADIUS Server
In order to successfully configure a WPA2-Enterprise network you must have a RADIUS server. The RADIUS authorizes and authenticates users signing into the network and eliminates any speculation into who...
Cloud vs. On-Prem RADIUS: Which is Better?
A requirement for all WPA2-Enterprise networks is the use of a RADIUS server. A vital part of the network, the function of a RADIUS is to authenticate the user and...
Stronger Multi-Factor Authentication With Certificates
It’s widely held knowledge that using a single factor for authentication to wireless networks is less than secure and easily exploited by hackers. According to IBM’s X-Force Threat Intelligence Index,...
Top 3 Mistakes When Setting Up a WPA2-Enterprise Network
The importance of wireless security cannot be understated as the threat of data theft continues to rise. WPA2-Enterprise networks are the first line of defense – they’ve been proven time...
Demystifying Server Certificate Validation
Credential theft is a high priority concern across many industries, and to combat it, many institutions have deployed WPA2-Enterprise wireless networks. This network type encrypts all network communications, as well...
Credential Theft Threats Facing SMBs
Data and credential theft have become an increasingly prevalent concern for SMBs as more attackers choose to target them. It’s common to hear about large scale hacks, such as Target,...