Cloudpath Enrollment System

Secure Network Access for BYOD, Guest Users and IT-Owned Devices

Cloudpath Enrollment System is a software/SaaS platform that delivers secure wired and wireless network access for BYOD, guest users and IT-owned devices. It streamlines getting devices on the network and secures every connection with powerful encryption. Cloudpath software gives you granular policy control over what network resources users can access. It lets you deliver a great end-user experience and virtually eliminates helpdesk tickets related to network access. Choose from cloud-based or virtualized on-premises deployment. Cloudpath software supports any user, any device, and any network infrastructure.

Increase Security for Users, Devices, Data and the Network

Cloudpath software secures network connections with WPA-2 Enterprise—the highest standard in secure Wi-Fi. The system encrypts data in transit between the device and Wi-Fi access points for maximum security. It lets you define and manage polices for network access so that users see only what they should see. You gain visibility and control over what devices are on the network, and the power to revoke access at any time. A device posture check with remediation during onboarding ensures that only devices with appropriate security safeguards in place gain access.

Streamline Network Access for BYOD Users

The sheer volume and diversity of devices that require network access can cause headaches for IT departments. What if BYOD users could self-provision their devices with intuitive self-service workflows? With the simple onboarding portal in Cloudpath software, they can. Users get a great experience without IT intervention. BYOD users initially gain access with existing login credentials. The system installs a digital certificate on the device so that users authenticate seamlessly from that point forward—without having to re-enter a Wi-Fi password.

Give Visitors Easy, Self-service Guest Wi-Fi

No matter what the environment—schools, colleges, hotels, public venues, or anywhere, really—the first thing visitors ask is “How do I get on the Wi-Fi?” Cloudpath software delivers secure guest access for visitors without involving the IT helpdesk. Guest users simply self-register for internet access via an intuitive portal and receive login information via SMS, email, or printed voucher. You can customize the login portal, guest workflows, terms and conditions, and more for a trouble-free and secure user experience.

Get a Live Demo

Fill out the form below to request a live online demo with a Ruckus representative.
(Licensed by user, not device; licenses start at 100 users minimum)

 
Secure Network Access
Secure every connection for BYOD, guest, and IT-owned devices (including IoT) with WPA2-Enterprise via 802.1X authentication
Encrypt data in transit over the air between devices and wireless access points
Perform up-front security posture check with remediation during network onboarding
Gain visibility into what devices are on the network, with the power to revoke access at any time
Associate every device with a user for greater control over your IT environment
Self-Service Onboarding and Device Enablement
Empower BYOD and guest users to securely self-provision their devices for network access—without IT intervention
Tailor the user experience with customizable onboarding workflows and self-service portal
Prompt users to install software of your choice during onboarding
Certificate Management
Improve network security by using digital certificates for authentication
Manage your own Public Key Infrastructure (PKI) with built-in certificate authority—or use external certificate authorities
Use the built-in RADIUS server and user database—or third-party platforms
Policy Management
Create and manage granular per-user, per-device network access policies
Apply role-based access controls—users only see the network resources that they should see
Implement VLANs and application-based access for a secure, high-performing network
Third-Party Integration via APIs
Enhance network security through integration with web content filtering, next generation firewall and mobile device manage management products
Simplify Chromebook setup with user-driven, IT-driven or distributor-driven approaches
Facilitate inter-campus Wi-Fi roaming in higher education with eduroam integration
Forest Hills Public School District

Michigan. 10,000 students. 1:1 Chromebooks needed more than 30 devices per AP.

Neumann University

Ruckus Provides Champion-Caliber Wired and Wireless Network

Sunway University

Sunway is a university located in Malaysia that serves 18,000 students and 1,500 staff members

Case Study

Blackpool and The Fylde College

Cloudpath Enrollment System Supports Digital Campus

Case Study

Fairfax County Public Schools

Embracing Bring-Your-Own-Device via Cloudpath Enrollment System

Case Study

Summit Public Schools

Cloudpath Enabling Reliable, Secure Authentication Across Campus

https://res.cloudinary.com/ruckus-wireless/image/upload/ar_16:8,c_fill,g_auto,q_...

Worcester Polytechnic Institute

Cloudpath Meets the Challenge at Worcester Polytechnic Institute

Victor Central School District

Victor, NY. 4,500 students. Replaces Aruba with Ruckus W-Fi for 1:1 learning and secure onboarding.

Ruckus Blog

ESG white paper covers IT security aspects of BYOD onboarding

ESG white paper covers IT security aspects of BYOD onboarding

Vernon Shure

https://theruckusroom.ruckuswireless.com/wp-content/uploads/2018/09/shutterstock...

Three ways to use network access policies beyond IT security

Vernon Shure

Three ways unsecured Wi-Fi can contribute to a data breach

Three ways unsecured Wi-Fi can contribute to a data breach

Vernon Shure

What Is Secure Onboarding, and Why Is It Such a Challenge?

What Is Secure Onboarding, and Why Is It Such a Challenge?

Vernon Shure

https://theruckusroom.ruckuswireless.com/wp-content/uploads/2018/08/blogimage-60...

What Is the Definition of a Data Breach, and Does Ransomware Count?

Vernon Shure

What’s Wrong with MAC Authentication and Pre-shared Keys (PSKs)

What’s Wrong with MAC Authentication and Pre-shared Keys (PSKs) for BYOD and Guest Wi-Fi Access, Part II: User and IT Experience

Vernon Shure

https://i0.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2018/03/th...

Wireless Eyes Are Watching – An Unexpected Benefit of Wi-Fi Security

Wendy Stanton

https://i2.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2018/03/th...

Secure Wi-Fi Access Using Dynamic Pre-Shared Keys

Vernon Shure

https://i2.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2018/01/th...

Securing BYOD and 1:1 Network Access in Primary and Secondary Schools

Staff

https://i2.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2017/11/47...

What’s Wrong with PSKs and MAC Authentication for BYOD?

Staff

https://i0.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2017/08/bl...

Heading into The Golden Era of Education Technology Solutions

Wendy Stanton

https://i2.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2017/08/fe...

Making Wireless Access and BYOD a Reality at your Agency

Chris Collura

Videos

Secure Network Onboarding

Wired and Wireless Network Security

What it means:

Network onboarding is the process by which a BYOD, guest or IT-owned device gains access to the network for the first time. Secure network onboarding means doing this in a way that enhances security for users, devices, data, and the network.

Why you should care:

BYOD and guest users often incur frustration with default methods for network onboarding. Default methods such as MAC authentications and conventional PSKs are not intuitive for users, leading to numerous help desk tickets. Default methods of onboarding and authentication are also not secure. An effective system for secure network onboarding improves end-user experience for BYOD users and guests. It relieves IT of the burden of excessive help desk tickets related to network access, and improves IT security as part of a layered protection strategy. Ruckus offers Cloudpath Enrollment System software/SaaS for this purpose.

Related Products and Solutions

Secure Guest Access

Wired and Wireless Network Security

What it means:

Visitors to any environment—schools, colleges, government agencies, retail, hospitality, offices or practically anywhere—arrive expecting easy and secure connectivity for their devices. Secure guest access means allowing visitors (vendors, partners, consultants—visitors of any kind) a way to securely access the internet and/or local network resources services over the wireless or wired network.

Why you should care:

When done right, guest access is a win for both the end-user and the organization providing it. Guest users are more productive when they can get online quickly and easily. Internet connectivity helps the visitor conduct whatever business or activity brings them to your environment, which also benefits the organization. Modern guest access systems let visitors securely self-provision their devices for internet access without IT involvement, avoiding costly and labor-intensive help desk tickets. These systems let IT teams customize network onboarding workflows, which may be sponsor-initiated, sponsor-approved, or entirely self-service. Guests receive their individual login credentials via SMS, email or printed vouchers.

IT teams can customize the onboarding portal so that the look and feel supports the organization’s brand. They can grant access for a specified period depending upon how long the user will remain on site. Guest users typically get internet access only—they don’t see internal network resources. IT gains visibility and control over devices on the network, with the ability to revoke access at any time. An up-front security posture check with remediation further enhances security. 

Related Products and Solutions

Certificate Management

Wired and Wireless Network Security

What it means:

In computer networking, a digital certificate is a document installed on a device that provides the basis for authenticating the device onto the network. Certificate management is the process of managing these digital certificates. This includes processes such as creation, storage, distribution, suspension and revocation. Certificate authorities (CA) are responsible for certificate management and serve as a registration authority for subscriber certificates.

Why you should care:

Digital certificates installed on the device as part of an automated network onboarding process streamline network authentication and make sure that every connection is secure. Users who have installed a certificate on their device during initial onboarding no longer have to take any action to re-authenticate on future connection attempts—the device connects automatically in a process that is transparent to the user. The certificate persists on the device until revoked by IT administrators. Default methods of network onboarding and authentication, such as conventional pre-shared keys and MAC authentication, do not provide the security or user experience benefits of digital certificates distributed via a secure onboarding platform.

Related Products and Solutions

Dynamic Pre-shared Key (DPSK)

Wired and Wireless Network Security

What it means:

Dynamic Pre-Shared Key (DPSK) is a Ruckus-patented technology that delivers secure network access by providing each device and user with a unique login credential. Users access the wired/wireless network using their own personal key, which is provided as part of the network onboarding process. In contrast, with conventional pre-shared keys (PSKs), multiple, or even all, users share the same key.

Why you should care:

Traditional pre-shared keys create a security hole in network defenses because multiple users access the network with the same key. Conventional PSKs do not give IT teams visibility and control over devices on the network or the ability to map access policies to specific users and devices. Users readily share conventional PSKs with others, and IT cannot revoke them for one user without revoking access for all. DPSKs address the security flaws of conventional PSKs to make users, devices, data and the network more secure.

DPSKs are an alternative to digital certificates that provide similar security benefits. They are appropriate in cases where user experience considerations make it impractical to install a digital certificate on the device. This applies in cases where the user will only need network access for a limited time—for example, in the case of guest users.