G Suite + FreeRADIUS for WiFi Authentication
Many organizations are interested in leveraging their G-Suite with their RADIUS solution for authentication. In this article we’re going to see exactly how to use RADIUS with Google Apps / G-Suite.
What is G-Suite?
Google Suite, also known as Google Workspace, is many people’s go to cloud-based productivity suite. G-Suite is a collection of collaboration tools and software that organizations can use to increase efficiency in their organization. While Google Suite is known for its ease of use, it’s credential-based authentication creates another credential for end users to have to remember which can create security flaws in the long run.
With credential-based identification, many security flaws come to light. 10 million attacks targeting usernames and passwords occur every day, so it’s fair to say it creates vulnerabilities in your security and presents hackers an opportunity for Man-in-the-middle attacks that can lead to costly data breaches. That’s why it can be extremely beneficial to use G-Suite with a RADIUS to authenticate user credentials against the G-Suite directory.
Can I Use G-Suite With FreeRADIUS?
Yes, you can authenticate G-Suite users with FreeRADIUS. Provided you set up a SAML Application in G-Suite, you can easily use a PKI Service like SecureW2 to enroll your G-Suite users for certificates that can be authenticated against FreeRADIUS. Password-authentication won’t work due to the fact that G-Suite is only compatible with SAML and FreeRADIUS works using the LDAP protocol, and honestly you’re much better off without passwords as they will put your organization at high risk for Over-the-Air Credential Theft.
How Can I Use RADIUS with Google Apps / G-Suite?
Google Apps / G-Suite Allows you to create SAML applications so outside applications can request information from your directory. SAML is a useful authentication protocol that uses a Single-Sign-On (SSO) format that creates a seamless authentication experience, which you can easily use to enable secure WPA2-Enterprise Wi-Fi.
By syncing your G-Suite with SecureW2, the onboarding software communicates with G-Suite, granting trust to the end user and issuing a certificate. The client can then present the certificate to the RADIUS server to be authenticated and authorized for a secure network access.
SecureW2 has innovated on this classic RADIUS infrastructure with the introduction of Dynamic Cloud RADIUS, a feature suite that enhances certificate-based WPA2-Enterprise. Instead of relying on static certificates to restrict user access, the RADIUS server can now talk to cloud IDPs (like G-Suite) at the moment of authentication to make runtime-level policy decisions, on top of having ultra-secure certificate authentication.
Instead of managing multiple certificates per user, and revoking and reissuing them every time permissions change, you can enforce user segmentation and other group policies based on a user’s status in G-Suite. In addition to providing an extra layer of security, it’s more user friendly as users can keep the same certificate for years.
Industry First Dynamic RADIUS With G-Suite
Using SecureW2, your organization can have a top of line Dynamic Cloud RADIUS-backed network fully functional in a matter of hours. You can fully utilize your G-Suite directory while being able to make policy changes on the fly without any lapse in security.
We easily consolidate our PKI with any network environment to eliminate any headaches usually associated with integration. We have affordable solutions for organizations of all sizes; check out our pricing here to see if we can be of service.