Solved

Security around WPA2 Enterprise

Posted on 2010-11-10
5
867 Views
Last Modified: 2013-12-09
Greetings all

We are looking at deploying wireless networks in our offices globally. From what I understand, we'll be using WPA2 Security. From what I understand, users will have a seperate username/password to log onto the wireless networks from their laptops and mobile devices (Blackberry, iPhone, Android etc).

I'm a little confused about the security aspects of this in terms of RADIUS and certificates. Since we are using usernames and passwords, presumabley with the help of a RADIUS server, are certificates also going to be involved? Or are certificates only involved if we're NOT using usernames/ passwords.

Secondly, if we are using certificates (either with RADIUS or not), how do we get the certificates onto laptops and mobile devices?

Finally, it's the mobile device side that I'm most worried about. Has anyone any advise regarding getting Blackberry, iPhones and Androids to work with Enterprise WPA2?

Many thanks in advance, folks.
0
Comment
Question by:Joe_Budden
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 4

Assisted Solution

by:zgiuffria
zgiuffria earned 250 total points
ID: 34104503
If im not mistaken you can use a certificate and a user name and password.  It is up to you.  You will just want to put the certificates on the laptops and there will be an option to install them.  With the mobile devices it will probably ask you to allow the cert.  The blackberry and I phones should work fine with WPA2...
0
 
LVL 8

Accepted Solution

by:
devinnoel earned 250 total points
ID: 34104558
At DEFCON they decided to deploy WPA2 enterprise to secure their WiFi. Popularly known as the most hostile network in the world, I think it says something that they chose it & it held up.

You need to install a digital certificate on each client for it to authenticate the AP, and then they provide a username/password to authenticate themselves to the server.

0
 
LVL 1

Author Comment

by:Joe_Budden
ID: 34104731
Thanks guys - any ideas on how to get the certificates on the mobile devices? Or, as zgiuffria says, will mobile users just recv a prompt about the certificate and whether the user wants to allow the connection anyway?
0
 
LVL 8

Expert Comment

by:devinnoel
ID: 34104795
The only one I've looked at much was nasty old Windows Mobile 6.5 a while back. There was an option somewhere to add a certificate. I haven't looked into it for my current (Android phone). I'd suggest goggling around on it a bit.
0
 
LVL 4

Expert Comment

by:zgiuffria
ID: 34105664
I think it depends on the certificate and if it identifies it as a certificate.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Intune/ Microsoft EMS 1 72
not able to add Exchange account to android phone 3 46
Delphi android app hide keyboard 3 48
Exchange ActiveSync 12 54
Once again I push the limits of my phone.  An introduction to the Android Google Now Launcher.
The case of the missing phone talks about the way a small electronic gadget (the mobile phone) has penetrated into our lives and has made us addicted to it.
This Micro Tutorial will show you how to maximize your wireless card to its maximum capability. This will be demonstrated using Intel(R) Centrino(R) Wireless-N 2230 wireless card on Windows 8 operating system.
This video demonstrates how to sync Microsoft Exchange Public Folders with smartphones using CodeTwo Exchange Sync and Exchange ActiveSync. To learn more about CodeTwo Exchange Sync and download the free trial, go to: http://www.codetwo.com/excha…

697 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question