Deployment Timeline
The client reached out to SecureW2 in August 2021. Luke, the Senior Network Engineer, wanted help setting up a RADIUS and PKI that could integrate into their cloud environment.
After a brief trial period, and a few phone meetings with our support team, they were able to launch their 802.1X network backed with a dynamic Cloud RADIUS in just a week’s time.
Challenges
This company was looking for a solution that would help regulate their network activity for their expanding team that was becoming more reliant on VPNs to access company resources. Luke and his team had researched 802.1X authentication and wanted to implement the protocol as their network solution.
The IT team tried to set up their own RADIUS server using NPS, but found the service was time-consuming for configuration and required hours of upkeep and maintenance. In addition, this method can only work via a password authentication protocol (PAP), which is far less secure than its 802.1X certificate counterpart.
The client also needed a system in place to manage all the devices accessing their network, regardless of whether the device was managed or BYOD.
Solution
SecureW2 provided the client with everything they were looking for and then some. The client was on a tight deadline to finish the deployment and made it known early.
The client was already utilizing Jamf as an MDM to manage their Mac OS and Windows devices, so they were able to leverage SCEP gateways to auto-enroll devices. Certificates are distributed to MDM devices and devices use the certificate to automatically connect to the network with no human interaction. It is an extremely efficient method for organizations that want to complete the network setup fast.
A valuable feature of deploying certificate security with SecureW2 is that we integrate with all major MDM vendors in the industry. All an organization’s MDM devices can be outfitted with certificates in an instant.
Our Dynamic Cloud RADIUS is the only cloud RADIUS that can directly reference cloud identity providers like Azure. This allows the IT department to enforce group policy and user segmentation by editing a user attribute in Azure rather than going through a certificate management cycle. Being able to manage user attributes in Azure simplifies certificate management, especially when combined with the easy-to-use management portal that lets IT view all activity on the network.
Evaluating Success
They reached out to SecureW2 to secure a PKI and a RADIUS. What they ended up with was a state-of-the-art network infrastructure that is backed with an industry-exclusive Dynamic RADIUS.
Their managed devices were able to be enrolled with certificates through SCEP and users with BYOD are able to enroll themselves for certificates in just a matter of minutes. Employees working from out of the office are able to access the company VPN using SecureW2’s intuitive Cloud RADIUS for VPN authentication.