SecureW2
Overview
How does this project fit into your broader strategy? | By switching to SecureW2 and certificate based authentication we will add another layer of security to our network and strengthen our security posture. |
Team | Technology (@Alex Snyder @Sam Becker @Tracy Schlitter) |
Project owner | @Alex Snyder |
Team members | @Tracy Schlitter @Sam Becker |
Date | Oct 4, 2021 |
Status | not started |
Problem space
Why are we doing this? | By eliminating non-district owned devices from our internal network and eliminating passwords we will ensure only secured devices have access to internal resources (servers). |
|---|---|
How do we judge success? | Only district owned devices allowed on internal networks. No passwords. |
What are possible solutions? | 802.1x Authentication. Guest Authentication using portal and expiring certificate to isolate traffic to secure network that does not have access to internal devices. |
Validation
What do we already know? | Password Sharing is a problem. Keeping personal devices on the guest network is a problem |
|---|---|
What do we need to answer? | Keeping our network secure. |
Ready to make it
What are we doing? | Implementing SecureW2 802.1x Auth |
|---|---|
Visualize the solution | Cloud RADIUS + Cloud PKI + Cloud NAC server. Guest Portal. Jamf SCEP for enrollment. Using NAC to control vlans |
Scale and scope | District wide project implemented by Alex. White glove setup with SecureW2. 4 week trial with implementation planned to roll out just before winter break. |