Here is some of the best practices in securing your devices in the network. When we talk about the most secure method to secure access to the network we are usually talking about 802.1x.
- Getting Started
- Wireless
- Wired Switching
- WAN Edge
- Mist Access Assurance
- Location Based Services
- Premium Analytics
- Security and Cloud Administration
- MSP
- Automation
- Product Updates
- Marvis
- Security Alerts
- FAQ
Configuration
Get started with Mist Access Assurance we will get starting by looking at various 802.1x authentication use cases with both wireless and wired.
How to create both CA and client certificates you can use for lab testing.
How do you configure your client devices using different operating systems using certificates to connect to a Wi-Fi network. Note this video is only useful if your doing lab testing using your test certificates and not for production networks.
How to have a windows device to use a certificate to authenticate. So we have our lab test certificate with the CA embedded and we have our Mist certificate embedded in the Mist dashboard previously.
Lets take a look how we configure an Android device in this particular case this is a Pixel 7 with our certificate. So we have the same 2 certs we need to copy over to the Android device through USB or any other way…
Validation and troubleshooting, so if we look at one of these clients that we connected successfully, we can take a look at the Intel device and client insights, we now have all the network related events as the client goes through updating DHCP, resolving ARP and DNS….
Authentication policies, how can we use them in combination with certificates alone. We will create another example, so far we have authenticated a user using the test certificate we created before. What if we want to differentiate between different types of users just by looking at certificates.
In our use cases, so far we have been using EAP-TLS just by looking at the user certificate now let’s add a little bit more into the mix. Lets add identity provider lookup, so what we want to do is still use EAP-TLS for the authentication but add….
Now we have configured let’s validate. Let’s see which policy is actually being “hit” by this user. So we went in and did “client certificate check” , so we see the client trusted the server certificate…