SecureW2

Overview

How does this project fit into your broader strategy?

By switching to SecureW2 and certificate based authentication we will add another layer of security to our network and strengthen our security posture.

Team

Technology (@Alex Snyder @Sam Becker (Unlicensed) @Tracy Schlitter)

Project owner

@Alex Snyder

Team members

@Tracy Schlitter @Sam Becker (Unlicensed)

Date

Oct 4, 2021

Status

not started

Problem space

Why are we doing this?

By eliminating non-district owned devices from our internal network and eliminating passwords we will ensure only secured devices have access to internal resources (servers).

Why are we doing this?

By eliminating non-district owned devices from our internal network and eliminating passwords we will ensure only secured devices have access to internal resources (servers).

How do we judge success?

Only district owned devices allowed on internal networks. No passwords.

 What are possible solutions?

802.1x Authentication. Guest Authentication using portal and expiring certificate to isolate traffic to secure network that does not have access to internal devices.

Validation

What do we already know?

Password Sharing is a problem. Keeping personal devices on the guest network is a problem

What do we already know?

Password Sharing is a problem. Keeping personal devices on the guest network is a problem

What do we need to answer?

Keeping our network secure.

Ready to make it

What are we doing?

Implementing SecureW2 802.1x Auth

What are we doing?

Implementing SecureW2 802.1x Auth

Visualize the solution

Cloud RADIUS + Cloud PKI + Cloud NAC server. Guest Portal. Jamf SCEP for enrollment. Using NAC to control vlans

Scale and scope

District wide project implemented by Alex. White glove setup with SecureW2. 4 week trial with implementation planned to roll out just before winter break.