Want to learn the best practice for configuring Chromebooks with 802.1X authentication?

Sign up for a Webinar!
Case Studies

Australian Real Estate Developer Builds Powerful Network Security

Cloud Radius
Microsoft Active Directory
Case Study Hero BG

Deployment Timeline

The client reached out to SecureW2 in April 2021. The client needed assistance with launching Windows Hello in their AD/Azure Hybrid environment.

Windows Hello is one of the easiest ways to add biometric security to your authentication protocols . Biometric security fulfills one part of multi-factor authentication (MFA) by allowing end users to utilize something they have, such as a fingerprint or face scan, as part of the login process. In order to deploy Windows Hello, however, the client realized they needed a Public Key Infrastructure (PKI).

SecureW2 helped them get their network infrastructure ready for Windows Hello with an easy to use PKI and state-of-the-art Cloud RADIUS. After a week-long trial, the client successfully launched with SecureW2.


As previously mentioned, the client reached out to SecureW2 for help in launching a PKI to use for Windows Hello for Business. In order to use Windows Hello in a hybrid environment, they needed a PKI to deploy a server certificate on a domain controller server to act as a root of trust for all other certificates being deployed.

The client wanted that root certificate to be pushed via Intune to all other managed Windows devices.

Quote Left Icon
We wanted to take advantage of the biometric authentication features that were available with Windows Hello, but really didn’t want to use all our resources on building our own PKI from scratch.

After deciding to implement a PKI, Alex and his team also decided that they wanted to take advantage of certificates for their Wi-Fi network authentication.

Quote Left Icon
If we were going to utilize a PKI, we wanted to make sure we got the most out of it.


SecureW2 was able to provide the client everything they needed and more for their Windows Hello deployment. The client is utilizing Intune as their MDM, which is perfect for certificate deployment when used alongside SecureW2.

By utilizing SCEP (Simple Certificate Enrollment Protocol), we were able to issue certificates to all their managed devices without any end-user action. Once the certificates were distributed, the client was able to utilize biometrics as an MFA solution for their end users to login to Windows devices.

Quote Left Icon
Deployment was a breeze, thanks to SecureW2.

The client was also able to take advantage of SecureW2’s Cloud RADIUS for 802.1X network authentication. When an employee attempts to access the network, their attributes on the certificate are analyzed by our Cloud RADIUS server. This ensures they are a valid organization member, as well as checks their group membership permissions for role-based access control.

Evaluating Success

The client now has access to a powerful 802.1X network that ensures complete visibility for Alex and his team.

With Windows Hello for Business providing biometric capabilities and Cloud RADIUS ensuring the network remains secure, this Australian conglomerate is at the pinnacle of cybersecurity.