When making the move to certificate-based network security, organizations are often stumped to find a solution for efficiently enrolling managed devices for certificates. SecureW2 offers a solution that configures and auto-enrolls managed devices for certificate-based authentication. For customers considering supporting BYODs alongside their managed devices, SecureW2’s infrastructure for managed device auto-enrollment can be used to provide self-service network configuration for BYODs.
MDM Managed Devices
The JoinNow solution comes with a powerful certificate enrollment gateway enabling MDMs (Workspace One, JAMF, Intune, MobileIron, etc.) to push out configuration profiles that will have devices auto-enroll for certificates. In one fell swoop, all your managed devices will be setup for certificate-based authentication for Wi-Fi, Web Apps, VPN and more.
AD Domain Managed Devices
For Active Directory domain-joined devices, SecureW2’s industry-first technology allows IT administrators to auto-enroll their Windows system for user and machine certificates with no infrastructure changes to their environment. Organizations can configure GPO to send out a configuration profile to their domain-joined devices that will automatically enroll the device for a certificate and configure it for certificate-based authentication.
G-Suite Managed Devices
SecureW2 also offers certificate auto-enrollment and network configuration for managed Chrome OS devices via G-Suite management tools. By leveraging a powerful Chrome extension with Google-approved communications, every managed Chromebook can have an individual user auto-enroll for certificates. This provides both identity and device tracking for each network session/connection.
Infrastructure to Support BYODs
SecureW2 enables organizations that have traditionally only supported managed devices or K-12 one-to-one devices, to also support BYOD devices. The #1 rated onboarding client enables easy WPA2-Enterprise self-configuration for BYOD devices. With our turnkey PKI, organizations can use the identity context that certificates provide alongside implementing SSL inspection so admins can enforce any content filtering policies necessary.
Powerful Certificate Management and Configuration Features
Remotely Troubleshoot Devices
SecureW2 software allows you to troubleshoot errors in real-time with individual devices and monitor network connections. View and fingerprint which devices are connecting to the network while they are being onboarded, and simultaneously monitor any connection messages users may encounter. Detailed information about individual devices such as network adapters, MAC addresses, driver versions, and manufacturer and driver dates help network admins begin the troubleshooting process and gather analytics from the cloud. End-user data including device type, operating system/build version, and application version is securely reported back to the cloud and made available for network admins for use in assessing connection patterns and creating network visibility.
Configure Server Certificate Validation
Server certificate validation is one of the most important ways of preventing over-the-air credential theft. Manually configuring server certificate validation isn’t supported by Apple devices, and is very difficult to do on Android and Windows devices. SecureW2’s onboarding client ensures that devices of all operating systems are configured for server certificate validation when they are setup for network access.
Create Robust Certificate Policies
SecureW2 makes it easy to track and manage certificates. Certificate policies allow the administrator to determine the lifecycle and permissions of client certificates, as well as automated notifications to users, administrators, and external systems regarding the issuance, revocation, and expiration of certificates. For example, you could create a policy that gives students certificates with a 4-year expiration, and staff an 8-year expiration.
Revoke User Access After They Leave
SecureW2 comes with a built-in CRL (Certificate Revocation List) and provides mechanisms to validate current user status in the organization. Network administrators can also manually delete certificates from the management portal at any time. You can rest easy knowing that only current members of the organization have access to the network.