Features

 

Designed for Certificate-Based Authentication

Cloud RADIUS is the only product in its class that was designed from the ground up for certificate-based authentication. Other vendors use insecure authentication protocols that expose users to MITM attacks by sending their credentials via Cleartext over the internet.

Cloud RADIUS provides everything an organization needs to switch from WPA2-PSK Wi-Fi to secure WPA2-Enterprise encrypted Wi-Fi using the EAP-TLS protocol for certificate-based authentication.

Dynamic Policy Engine for Role-Based Access Control

Cloud RADIUS is the industry’s only certificate-based authentication solution with Role-Based Access Control that works natively with cloud directories like Okta, Azure, and G-Suite. Our Dynamic Cloud RADIUS empowers you to automatically assign appropriate user and group policies at the moment of network authentication. Automate network access policies for Wi-Fi, VPN, Applications, Desktop Logon, and much more. All you need to do is point Cloud RADIUS to your SAML or LDAP Identity Provider, and you’re off and running.

Multi-Customer RADIUS for MSPs

Cloud RADIUS makes it possible to use a single RADIUS server to securely authenticate requests from multiple networks while still maintaining network isolation. Deliver airtight, certificate-based authentication to clients that were previously too small to be viable candidates. Powerful, single-pane interface to manage all your customers in one place.

Single-Pane AAA, Device Onboarding and Certificate Management Software

Cloud RADIUS is built-in SecureW2’s network security platform, giving full, single-pane visibility into all the authentication activity going on to the network. View RADIUS logs, WPA2-Enterprise device configuration history, and certificate enrollment and status all in real-time. Network admins can grant view-only permissions for any of these logs to help-desk personnel as well, empowering the entire IT team to remotely troubleshoot network connectivity issues on the spot.

Integrates with any Identity Provider

Unlike other RADIUS servers, Cloud RADIUS is vendor-agnostic – meaning it’s designed to integrate with every major vendor. From AD and Azure AD, to Okta and Google Apps, we’ve got you covered.

You can use your existing credentials to enroll for certificates and grant WPA2-Enterprise access. We even support Identity Lookup with SAML-based IDPs, providing the ultimate security to your network, something no one else in the industry can say.

Eliminates Over-the-Air Credential Theft

Using Secure W2’s Cloud Radius eliminates over-the-air credential theft as a threat by replacing the use of vulnerable passwords with certificates. Certificate-based security guarantees that users go through a secure enrollment process to confirm their identity, ensuring that no unauthorized users are able to access your network.

Using server certificate validation on your network can prevent credential theft, but, it’s difficult to configure correctlySecure W2’s #1 rated onboarding service ensures that your network’s security is guarded against any attack by ensuring every device is correctly configured to only connect to your Cloud RADIUS server and not a third-party imposter.

Doesn’t Send Passwords via Cleartext (EAP-TTLS/PAP)

Although information sent through the EAP Tunnel is protected by a layer of encryption, that doesn’t mean it’s completely safe. If a bad actor is able to spoof your access point, they can intercept the communication.Since TTLS/PAP does not encrypt data within the EAP tunnel, the information can be plainly read.

Other vendors still rely on this vulnerable method, but SecureW2 puts security first, and authenticates users with certificate-based EAP-TLS authentication.