Enterprise WIFI

Enterprise WIFI

Protect your enterprise wireless networks


The weak link in WIFI security is usually lack of strong authentication

Most companies are equipped with an Enterprise WIFI from Cisco or similar network device vendor. Wifi provides over-the-air bridging to your corporate infrastructure and for that, needs to be secured accordingly. The weak link in WIFI security is usually lack of strong authentication: access is granted either with a pre-shared key, or at best, with simple username and password.

RCDevs provide you

The only solution which supports OTP for WIFI

A more secure way is to grant access on per-user basis, using IEEE 802.1X, and Multi-Factor Authentication (MFA).
OpenOTP supports IEEE 802.1X standard, providing EAP-GTC (commonly used with Cisco devices), EAP-TTLS-PAP and EAP-TLS authentication over RADIUS.

This means that employees can authenticate to corporate WIFI with:

– X.509 Certificates – Employees self-enroll certificates through an easy to use web-UI that’s protected with one-time URLs and/or one-time codes, delivered via SMS for example. The same convenient way of self-service continues on certificate renewals, with users being automatically notified to re-enroll their certificate and are provided with a one-time URL to do that.

– One-Time Passwords – Users can concatenate passwords with a one-time code from their preferred token provider, like OpenOTP Token App, RC200/300/400, Google Authenticator, or from any OATH compliant Hardware or Software Token.

– Push Login (aka. one-tap login) – Users with OpenOTP Token App can authenticate to WIFI by simply pressing “Accept” on the login that was pushed to their mobile.

Main features

The only solution which supports OTP for WIFI
OpenOTP Two-Factor for Wifi access does not support the challenged OTP mode. It also requires password concatenation where the OTP password is concatenated with the domain password. Its usage is simple: Users select the network SSID and are prompted for their password(s). A WebADM client policy for your OpenOTP Wifi will let you decide if the users should login with domain password only, the OTP password only or both passwords concatenated.
More about EAP
EAP-TLS (EAP Transport Layer Security) was subsequently defined by IETF RFC 5216. The protocol was created as an open standard leveraging the TLS (Transport Layer Security) protocol and has found wide-spread support with the various wireless vendors on the market. It primarily consists of the original EAP authentication protocol and is still considered to be one of the most secure EAP standards on the market.

Key features

Supported on Enterprise Wifi with EAP-GTC and EAP-TTLS-PAP
Supports any OpenOTP method (Tokens, Yubikey, SMSOTP, MailOTP…)
Supports LDAP, OTP and LDAP+OTP login modes
Supports Contextual authentication with MAC addesses
Convenient Two-Factor with password concatenation
Per user and group reply attributes for Wifi role-based access
Authentication policies per client application or group of users
Compatible with

This is a non-exhaustive list of OpenOTP compliant products

Cisco Wifi using the EAP-GTC technology
Wifi devices supporting Enterprise RADIUS with EAP-TTLS-PAP
See how simple it is to integrate OpenOTP with Wifi

Read more about related products

Authentication methods

Our solution for Wifi provides Two-Factor with all OpenOTP One-Time Password methods:

To request an online demo, you only have to create your account or contact us.

Online Demos are available for free to let you try RCDevs multi-factor in 5 minutes and authenticate with your mobile or Yubikey.