Review: Best tools to set up secure Wi-Fi for BYOD

Deploying the enterprise mode of Wi-Fi Protected Access (WPA2) with 802.1X authentication provides great Wi-Fi security, but complicates the client configuration and connection process. In bring-your-own-device (BYOD) environments, this can cause user frustration and a spike in help desk calls. The solution is to deploy an automated configuration process so users can easily connect their devices without intervention from IT staff.

In this review, we looked at three tools to help distribute your Wi-Fi and 802.1X settings to users: ClearPass QuickConnect from Aruba, XpressConnect from CloudPath, and theopen source SU1X. Though there are differences between them, all help you generate a custom configuration program or app that users can run on their computers, smartphones, or tablets to configure it with wired or wireless network settings. The configuration program or app can be distributed to users via a website, captive portal on a separate "setup" SSID, or other means, like a CD or flash drive.

Additionally, each tool can also install your RADIUS server's Certificate Authority certificate on the clients. And some of them also support configuring or installing other non-wireless settings or features, like third-party applications, modifying a browser's proxy settings, enabling Windows Updates and Windows Firewall, and even installing a network printer.

IN PICTURES: How to set up secure Wi-Fi for BYOD

BYOD: Where the costs are

Here are the individual reviews:

ClearPass QuickConnect

ClearPass QuickConnect from Aruba is a cloud-based service that supports clients using Windows, Mac OS X, iOS, and Android. In addition to the 802.1X settings, it can also install the RADIUS server's Certificate Authority certificate; but not user certificates — though this functionality is being added in an update slated for next month.

QuickConnect supports the third-party SecureW2 supplicant in addition to a device's native supplicant. It also supports the client configuration of both WPA modes: 802.1X and pre-shared key (PSK). However, unlike the other solutions, you have to choose between WPA or WPA2, but can't choose both; one as the preferred option and one as a fall-back. For 802.1X QuickConnect lets you enable Network Access Protection (NAP) on the client and install a NAP client (or any other program/installer).

Unlike the other solutions, QuickConnect lets you easily package third-party applications or installers with the client configuration program. In addition to installing the third-party SecureW2 supplicant, this could give you the opportunity to install other network applications/clients or other organization-wide applications.

To get started with QuickConnect, you log into their website where you'll find a simple interface. To define the network and client program settings you add a Network.

This story, "Review: Best tools to set up secure Wi-Fi for BYOD" was originally published by Network World.