Solved

Security around WPA2 Enterprise

Posted on 2010-11-10
5
865 Views
Last Modified: 2013-12-09
Greetings all

We are looking at deploying wireless networks in our offices globally. From what I understand, we'll be using WPA2 Security. From what I understand, users will have a seperate username/password to log onto the wireless networks from their laptops and mobile devices (Blackberry, iPhone, Android etc).

I'm a little confused about the security aspects of this in terms of RADIUS and certificates. Since we are using usernames and passwords, presumabley with the help of a RADIUS server, are certificates also going to be involved? Or are certificates only involved if we're NOT using usernames/ passwords.

Secondly, if we are using certificates (either with RADIUS or not), how do we get the certificates onto laptops and mobile devices?

Finally, it's the mobile device side that I'm most worried about. Has anyone any advise regarding getting Blackberry, iPhones and Androids to work with Enterprise WPA2?

Many thanks in advance, folks.
0
Comment
Question by:Joe_Budden
  • 2
  • 2
5 Comments
 
LVL 4

Assisted Solution

by:zgiuffria
zgiuffria earned 250 total points
ID: 34104503
If im not mistaken you can use a certificate and a user name and password.  It is up to you.  You will just want to put the certificates on the laptops and there will be an option to install them.  With the mobile devices it will probably ask you to allow the cert.  The blackberry and I phones should work fine with WPA2...
0
 
LVL 8

Accepted Solution

by:
devinnoel earned 250 total points
ID: 34104558
At DEFCON they decided to deploy WPA2 enterprise to secure their WiFi. Popularly known as the most hostile network in the world, I think it says something that they chose it & it held up.

You need to install a digital certificate on each client for it to authenticate the AP, and then they provide a username/password to authenticate themselves to the server.

0
 
LVL 1

Author Comment

by:Joe_Budden
ID: 34104731
Thanks guys - any ideas on how to get the certificates on the mobile devices? Or, as zgiuffria says, will mobile users just recv a prompt about the certificate and whether the user wants to allow the connection anyway?
0
 
LVL 8

Expert Comment

by:devinnoel
ID: 34104795
The only one I've looked at much was nasty old Windows Mobile 6.5 a while back. There was an option somewhere to add a certificate. I haven't looked into it for my current (Android phone). I'd suggest goggling around on it a bit.
0
 
LVL 4

Expert Comment

by:zgiuffria
ID: 34105664
I think it depends on the certificate and if it identifies it as a certificate.
0

Featured Post

NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is an explanation of a simple data model to help parse a JSON feed
If your app took Google’s lash recently, here are the 5 most likely reasons.
When you create an app prototype with Adobe XD, you can insert system screens -- sharing or Control Center, for example -- with just a few clicks. This video shows you how. You can take the full course on Experts Exchange at http://bit.ly/XDcourse.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

838 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question