netgo group
netgo group


Secure WLAN with the right authentication from the specialist

Many small and medium-sized enterprises give too little thought to the operation of a secure WLAN.

The IT department or even individual employees often connect access points to the internal company network. When operating a WLAN, all data should of course be adequately encrypted. However, this topic will not be discussed here. Instead, it is about an equally important but often ignored topic: authentication.
The majority of wireless networks in companies are secured with a WLAN key (a so-called preshared key). If you know this key, you gain access to the WLAN and thus to the internal resources. Without this key, you cannot establish a wireless connection.
However, this procedure involves risks. In most companies, the wireless LAN key is never changed. Departing employees therefore continue to have access to internal resources when they are in the vicinity of the company. Guests who should have access to the network for a short time have unlimited access to the WLAN and thus the internal resources. Often the key is passed around so freely that no one knows who ever received the key (and thus has access). State-of-the-art WLAN installations take two other approaches (without a preshared key) to adequately secure the networks.

Guest network

Since you don’t want to create a user for every guest, you have to find another way of authentication. One option is the use of voucher solutions. With these, short-term access rights can be created: On a portal, a code must be entered, which can be prepared in paper form, for example. This code is then valid for any defined period of time. This solution, familiar from hotels, also enables companies to operate a WLAN securely. Of course, the guest network should be separate from the internal network. However, since modern access points broadcast several SSIDs and can handle VLANs, this can be set up quickly and easily.

Internal use

Users do not authenticate themselves with the key (the same for all users), but with an individual combination of user name and password. This means that when an employee leaves the company, his/her account can simply be deactivated and he/she no longer has any access to the WLAN. This form of authentication (802.1x) via a radius server can be linked to the Active Directory. This way, the user has only one password for his/her PC and the WLAN. As soon as the user account is deactivated, the possibility of using the WLAN also expires.

Frau mit Headset steht vor Computer

WLAN check: Optimal WLAN throughout the office

If you don't have Wi-Fi in your office yet
  • we carry out a WLAN simulation with a detailed floor plan.
  • This simulation is carried out by a certified technician using professional software (Ekahau).
  • Finally, you will receive the result with our assessment of what support you need.
On-site WLAN Survey
  • We conduct on-site surveys of your premises to test and determine the Wi-Fi requirements.
  • Surveys can also be used to find solutions to network problems that occur on site.
  • Our surveys can be used to optimise and efficiently structure or restructure your network.
  • Our on-site Wi-Fi surveys are conducted by certified network technicians using specialised tools to achieve the best possible results.

Dein Ansprechpartner

Interesse oder Fragen?

Sales Consultant

Sebastian Springer