Feedback
Roadmap
Changelog

April 27th, 2025

New

RADIUS policy for Wi-Fi and VPN

The feature involves configuring Wi-Fi or VPN access using SCEP (Simple Certificate Enrollment Protocol) and RADIUS (Remote Authentication Dial-In User Service) to enhance security and streamline connectivity for organizations. Here's a summary of the feature:

Feature Overview

  • Purpose: This feature allows organizations to configure Wi-Fi access points or VPN connections to accept connections via SCEP certificates, eliminating the need to share Wi-Fi passwords with individual employees. This enhances security and simplifies the management of Wi-Fi or VPN access.

Key Components

  1. SCEP Certificate Configuration:

    • Components: The SCEP certificate includes a CA server certificate, SCEP server URL, and a SCEP Subject CN, which is typically the device owner's email address.

    • Functionality: Admins configure the SCEP certificate and associate it with a Wi-Fi policy. This policy is then deployed to devices, allowing them to connect to Wi-Fi networks securely.

  2. Wi-Fi or VPN Policy Setup:

    • Integration: The Wi-Fi or VPN policy uses the SCEP certificate for authentication, ensuring that only authorized devices can connect to the network.

    • Deployment: Admins can deploy the Wi-Fi or VPN policy to devices, enabling automatic and secure connections to the organization's Wi-Fi network or VPN.

  3. RADIUS Server Configuration:

    • Setup: A RADIUS server is used to authenticate devices connecting to the Wi-Fi network or VPN server. The server requires a trusted CA certificate and an SCEP server to issue user device certificates.

    • Authentication: Devices use the SCEP certificate for authentication, ensuring secure access to the network.

Benefits

  • Security: By using certificates instead of passwords, the feature enhances network security and reduces the risk of unauthorized access.

  • Efficiency: Automating the Wi-Fi or VPN connection process simplifies network management and reduces the administrative burden on IT teams.

  • Scalability: The feature supports large-scale deployments, making it suitable for organizations with numerous devices and users.

This feature is particularly beneficial for organizations looking to improve their network security and streamline the management of Wi-Fi or VPN access across multiple devices and users.

Sources:

  1. https://help.swif.ai/en/articles/10536400-configuring-a-policy-for-radius-wi-fi-on-windows

  2. https://help.swif.ai/en/articles/10694075-how-to-configure-swif-ai-radius-wi-fi-policy-using-scepman-as-the-scep-certificate-provider

Write a comment...