- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
End users WiFi Authentication - Meraki SM
I am looking to Automation of end user authentication to Meraki Wi-Fi. We don't have local radius and AD hence can integrated with any of these.
I am considering Meraki SM, using SMagent to enroll windows PC and automate the Wi-Fi authentication to SSID but my concern are , Is this secure to use Smagent to enroll PC and Wi-Fi connection to SSID.
can anyone advice pls ?
- Labels:
-
Enrollment
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The Meraki Authentication uses EAP-TLS which is considered one of the most secure methods available. One drawback is that it’s only supported on wireless and not for 802.1X on the switch ports. If you want to extend the authentication to the switches you need a RADIUS server.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Rakesh
One of the key benefits of using both Systems Manager and MR is the Sentry capability:
https://documentation.meraki.com/SM/Deployment_Guides/Systems_Manager_Sentry_Overview
This allows you to leverage certificates for authentication, that are delivered securely to devices (in fact, the private key for the cert stays on the device itself). Instead of you having to build and maintain both RADIUS and Certificate Authority infrastructure, Meraki Dashboard does this for you
If a device is removed from manage, we also remove the entry in RADIUS, resulting in the device not being able to authenticate against the network. And because the cert is bound to MDM, it means that if the device is unenrolled, then the certificate is removed also
The documentation should be self explanatory, but if you've any questions, let us know.
