In June we announced Systems Manager Sentry, a set of features which provide simple, automatic security that is context aware. It can do this due to the integration between the Meraki networking products and Systems Manager.
Sentry Wi-Fi security is a feature enabled on Meraki MR wireless networks with Systems Manager. It takes the typically complex Wi-Fi access control method, EAP-TLS, and simplifies it to a couple of clicks.
To understand the power of this feature let’s quickly review Extensible Authentication Protocol (EAP) – Transport Layer Security (TLS). EAP is an authentication framework that is used for providing access to a network. As the extensible part of the EAP acronym implies, the framework can support multiple authentication protocols, from basic passwords to more secure certificate based authentication. Think of it as a cook book for a cake. Depending on the ingredients in the recipe you end up with a different cake, but still a cake.
EAP with Transport Layer Security (TLS) is considered one of the most secure network authentication mechanisms (the tastiest cake recipe). This is because it uses certificates to authenticate and secure the network connection using asymmetric cryptography. The problem with certificates, as an ingredient of this authentication mechanism, is that they are complex to setup and deploy.
There are two main reasons certificates can be complex to setup and deploy. The first is the infrastructure that is needed, something called a certificate authority. This issues the certificates and allows devices to check if a service is genuine. The second reason is that every client needs its own unique certificate. With a handful of clients this isn’t too much work, but with hundreds of thousands of clients this could be a daunting prospect. The tastiest cake results from a bake time of weeks or months, and looks less attractive as a result.
Sentry Wi-Fi security provides EAP-TLS for a Meraki MR wireless network while eliminating all the complexity. It can do this because of the certificate infrastructure that already exists for every Systems Manager customer. This eliminates the need for the configuration of a certificate authority and distribution of certificates to clients. A gourmet cake from an
instant-bake ready-mix pack.
Make deploying EAP-TLS a piece of cake with Systems Manager Sentry. To find out more listen to Paul Wolfe (Product Specialist for Systems Manager) and George Bentinck (Solutions Architect) discuss Sentry Wi-Fi security in the following podcast. Alternatively attend one of our upcoming Systems Manager webinars, or if you already have Meraki MR access points, try Sentry out today by signing up for Systems Manager.