We at Mist are constantly working on making the Mist experience the best possible experience. So every week you will see new and updated cloud features. Here are the updates for November 22nd, 2017.
Network Programmability
WiFi SLE: Successful Connects
Mist is excited to include another WiFi SLE metric: Successful Connects. Use this SLE to track the success rate of the initial association, authorization, and DHCP processes for connecting clients.
Read more about our WiFi SLE here: https://www.mist.com/documentation/sle/
SAML
This week, Mist is rolling out SAML support to configure a single sign-on (SSO) system. Seamlessly sign into the Mist dashboard after setting up SAML with an identity provider. Use this function to give users without Mist accounts access to your Site and Org as specified roles (Super User, Network Admin, or Observer). With SSO, you won’t need to type in new credentials or remember multiple passwords for the multiple services you use.
To configure SAML, make sure to configure your account with an identity provider in order to sync with the Mist UI. Under Organization -> Settings, enter in your Single Sign-on information by selecting the Add IDP button.
Specify the type of role for the user with the Create Role button.
RadSec
RadSec implementation using our API was introduced back in August. We are pleased to announce this week that now, RadSec will be configurable straight from the Mist UI.
RadSec is a protocol which allows RADIUS servers to transfer data over TCP and TLS for increased security. With RadSec capabilities, you can transfer RADIUS packets through roaming environments while still ensuring end-to-end security through the transport layer.
To configure RadSec, set up a 802.1X or MAC auth WLAN and select Enable under RadSec. Here, provide the Server Name, Server Addresses, and RADIUS Authentication Server.
Navigate to Organization -> Settings to obtain the Mist Certificate and enter your RadSec Certificate to complete the setup.
Cloning Organization Templates
Mist uses “Templates” at an Organization level to streamline the creation and setup of multiple sites. We are providing an additional level of control by allowing users to clone organization templates to be used on multiple sites.
Create an organization template under Organization -> Config Templates. When finished, click on the Clone button to create a clone of your template.
MAC Authentication, PSK Security with Guest Portal
The Guest Portal defines the landing page which the customer receives when you choose set up a guest network in the WLAN . It gives the opportunity to collect important customer information like – Name, Email Address, Company name, etc. This week, Mist is including additional security options for your guest portal. Now, set up a guest portal in conjunction with MAC Authentication, and PSK Security as well to limit your guest network to a specific group of users. Make sure to have a RADIUS server setup in order to use MAC Authentication.
To set up a guest portal with additional security, navigate to Network -> WLANs and select your desired Security and select Show guest portal in the Guest Portal section.
DSCP Tagging (beta feature only)
DSCP helps manage network traffic and provides a specific quality of service (QoS) on the network. Use DSCP tagging to convert all traffic to a specified QoS tag (Background, Best Effort, Video, and Voice). Use this feature when you have different WLANs setup for different uses – for example, configure one WLAN for only voice, and one WLAN for only video.
To set up DSCP Tagging, navigate to Network -> WLANs and create a new WLAN. Select Overwrite QoS in the QoS Priority box, and select the desired Wireless Access Class in the dropdown menu. Your network will then tag all traffic on that WLAN with the desired QoS.
Simplified Operations
Claim AP improvements
Mist is improving the Claim AP process by allowing the option of pre-naming APs when claiming to a site. Generate names for your APs by using the site name, its MAC address, an incrementing counter, or a combination of the three.
Navigate to Access Points and select the Claim AP button to use this new format to Claim your APs.
Twilio Integration for Guest Portal
Mist Systems is extending its Social Login capabilities with support for the cloud communications platform, Twilio. Now, enable Twilio as an option to grant access to your captive portal guest network.
Navigate to Network -> WLANs and configure a Guest Portal. Under the Authorizationtab, select Text Message to expose the option of enabling Twilio.
Resolved Defects
Dynamic VLAN bug fix
We added the STA VLAN ID to the reassociation packet so that WXLAN forwards the packet on the correct VLAN. This fixes bugs seen on dynamic vlan configurations.