Judges: Mike Finneran (dBrn Associates), Grant Moerschel (Wavegard)
XpressConnect helps IT more efficiently get employees started on secure Wi-Fi networks by using self-service mechanisms. With the growing move to bring your own device (BYOD) policies and the increasing number of Wi-Fi enabled smartphones and tablets in companies, IT departments are often overtaxed when helping employees connect to the wireless LAN.
During provisioning, Xpress Connect presents a single signup page through which users identify themselves as an employee with a corporate device, an employee with a personal device, a visitor, or a business partner or contractor. Each user's role and the device's trust level determine the access allowed. For example, an employee with a personal device might receive limited access to network resources and less bandwidth than an employee with a company-owned device.
Using dissolvable enrollment agents, Cloudpath's solution can onboard a variety of client platforms, such as Windows, iOS, and Android. It can take these devices from an open, enrollment WLAN--or a 3G/4G network--to a more secure WLAN, based entirely upon digital certificates like EAP-TLS or other authentication and encryption mechanisms, including EAP-PEAP and EAP-TTLS. For user authentication, XpressConnect works with Active Directory, LDAP, OTP, and OAuth-compliant services such as Facebook and LinkedIn. XpressConnect can act as a certificate authority for visitors and personal devices covered under BYOD policies, or it can interact directly with your Certificate Authority should you wish to push device certificates through it. The device certificate issued can have a specified expiration date so that the device automatically retires after a specified period.
Cloudpath's software found early acceptance in university environments, where many students were bringing their own devices and IT needed a way to connect them in a streamlined fashion. The company is now moving beyond its university base to cable companies, retailers, and other organizations that operate large-scale Wi-Fi networks, and it's looking at how its technology might be used in connection with customer loyalty plans. Because XpressConnect helps solve the thorny problem of auto-enrolling non-domain devices into the secure WLAN infrastructure while discerning among different user and device classes, it's worth a close look. --Mike Finneran