SecureW2

Overview

How does this project fit into your broader strategy?	By switching to SecureW2 and certificate based authentication we will add another layer of security to our network and strengthen our security posture.
Team	Technology (@Alex Snyder @Sam Becker (Unlicensed) @Tracy Schlitter)
Project owner	@Alex Snyder
Team members	@Tracy Schlitter @Sam Becker (Unlicensed)
Date	Oct 4, 2021
Status	not started

Why are we doing this?	By eliminating non-district owned devices from our internal network and eliminating passwords we will ensure only secured devices have access to internal resources (servers).

Why are we doing this?	By eliminating non-district owned devices from our internal network and eliminating passwords we will ensure only secured devices have access to internal resources (servers).
How do we judge success?	Only district owned devices allowed on internal networks. No passwords.
What are possible solutions?	802.1x Authentication. Guest Authentication using portal and expiring certificate to isolate traffic to secure network that does not have access to internal devices.

What do we already know?	Password Sharing is a problem. Keeping personal devices on the guest network is a problem

What do we already know?	Password Sharing is a problem. Keeping personal devices on the guest network is a problem
What do we need to answer?	Keeping our network secure.

What are we doing?	Implementing SecureW2 802.1x Auth

What are we doing?	Implementing SecureW2 802.1x Auth
Visualize the solution	Cloud RADIUS + Cloud PKI + Cloud NAC server. Guest Portal. Jamf SCEP for enrollment. Using NAC to control vlans
Scale and scope	District wide project implemented by Alex. White glove setup with SecureW2. 4 week trial with implementation planned to roll out just before winter break.