Cloudpath Enrollment System

Secure Network Access for BYOD, Guest Users and IT-Owned Devices

Cloudpath Enrollment System is a software/SaaS platform that delivers secure wired and wireless network access for BYOD, guest users and IT-owned devices. It streamlines getting devices on the network and secures every connection with powerful encryption. Cloudpath software gives you granular policy control over what network resources users can access. It lets you deliver a great end-user experience and virtually eliminates helpdesk tickets related to network access. Choose from cloud-based or virtualized on-premises deployment. Cloudpath software supports any user, any device, and any network infrastructure.

Increase Security for Users, Devices, Data and the Network

Cloudpath software secures network connections with WPA-2 Enterprise—the highest standard in secure Wi-Fi. The system encrypts data in transit between the device and Wi-Fi access points for maximum security. It lets you define and manage polices for network access so that users see only what they should see. You gain visibility and control over what devices are on the network, and the power to revoke access at any time. A device posture check with remediation during onboarding ensures that only devices with appropriate security safeguards in place gain access.

Streamline Network Access for BYOD Users

The sheer volume and diversity of devices that require network access can cause headaches for IT departments. What if BYOD users could self-provision their devices with intuitive self-service workflows? With the simple onboarding portal in Cloudpath software, they can. Users get a great experience without IT intervention. BYOD users initially gain access with existing login credentials. The system installs a digital certificate on the device so that users authenticate seamlessly from that point forward—without having to re-enter a Wi-Fi password.

Give Visitors Easy, Self-service Guest Wi-Fi

No matter what the environment—schools, colleges, hotels, public venues, or anywhere, really—the first thing visitors ask is “How do I get on the Wi-Fi?” Cloudpath software delivers secure guest access for visitors without involving the IT helpdesk. Guest users simply self-register for internet access via an intuitive portal and receive login information via SMS, email, or printed voucher. You can customize the login portal, guest workflows, terms and conditions, and more for a trouble-free and secure user experience.

Get a Live Demo

Fill out the form below to request a live online demo with a Ruckus representative.
(Licensed by user, not device; licenses start at 100 users minimum)

 
Secure Network Access
Secure every connection for BYOD, guest, and IT-owned devices (including IoT) with WPA2-Enterprise via 802.1X authentication
Encrypt data in transit over the air between devices and wireless access points
Perform up-front security posture check with remediation during network onboarding
Gain visibility into what devices are on the network, with the power to revoke access at any time
Associate every device with a user for greater control over your IT environment
Self-Service Onboarding and Device Enablement
Empower BYOD and guest users to securely self-provision their devices for network access—without IT intervention
Tailor the user experience with customizable onboarding workflows and self-service portal
Prompt users to install software of your choice during onboarding
Certificate Management
Improve network security by using digital certificates for authentication
Manage your own Public Key Infrastructure (PKI) with built-in certificate authority—or use external certificate authorities
Use the built-in RADIUS server and user database—or third-party platforms
Policy Management
Create and manage granular per-user, per-device network access policies
Apply role-based access controls—users only see the network resources that they should see
Implement VLANs and application-based access for a secure, high-performing network
Third-Party Integration via APIs
Enhance network security through integration with web content filtering, next generation firewall and mobile device manage management products
Simplify Chromebook setup with user-driven, IT-driven or distributor-driven approaches
Facilitate inter-campus Wi-Fi roaming in higher education with eduroam integration
Forest Hills Public School District

Michigan. 10,000 students. 1:1 Chromebooks needed more than 30 devices per AP.

Neumann University

Ruckus Provides Champion-Caliber Wired and Wireless Network

Sunway University

Sunway is a university located in Malaysia that serves 18,000 students and 1,500 staff members

Case Study

Blackpool and The Fylde College

Cloudpath Enrollment System Supports Digital Campus

Case Study

Fairfax County Public Schools

Embracing Bring-Your-Own-Device via Cloudpath Enrollment System

Case Study

Summit Public Schools

Cloudpath Enabling Reliable, Secure Authentication Across Campus

https://res.cloudinary.com/ruckus-wireless/image/upload/ar_16:8,c_fill,g_auto,q_...

Worcester Polytechnic Institute

Cloudpath Meets the Challenge at Worcester Polytechnic Institute

Victor Central School District

Victor, NY. 4,500 students. Replaces Aruba with Ruckus W-Fi for 1:1 learning and secure onboarding.

Ruckus Blog

https://theruckusroom.ruckuswireless.com/wp-content/uploads/2018/09/shutterstock...

Three ways to use network access policies beyond IT security

Vernon Shure

Three ways unsecured Wi-Fi can contribute to a data breach

Three ways unsecured Wi-Fi can contribute to a data breach

Vernon Shure

What Is Secure Onboarding, and Why Is It Such a Challenge?

What Is Secure Onboarding, and Why Is It Such a Challenge?

Vernon Shure

https://theruckusroom.ruckuswireless.com/wp-content/uploads/2018/08/blogimage-60...

What Is the Definition of a Data Breach, and Does Ransomware Count?

Vernon Shure

What’s Wrong with MAC Authentication and Pre-shared Keys (PSKs)

What’s Wrong with MAC Authentication and Pre-shared Keys (PSKs) for BYOD and Guest Wi-Fi Access, Part II: User and IT Experience

Vernon Shure

https://i0.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2018/03/th...

Wireless Eyes Are Watching – An Unexpected Benefit of Wi-Fi Security

Wendy Stanton

https://i2.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2018/03/th...

Secure Wi-Fi Access Using Dynamic Pre-Shared Keys

Vernon Shure

https://i2.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2018/01/th...

Securing BYOD and 1:1 Network Access in Primary and Secondary Schools

Staff

https://i2.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2017/11/47...

What’s Wrong with PSKs and MAC Authentication for BYOD?

Staff

https://i0.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2017/08/bl...

Heading into The Golden Era of Education Technology Solutions

Wendy Stanton

https://i2.wp.com/theruckusroom.ruckuswireless.com/wp-content/uploads/2017/08/fe...

Making Wireless Access and BYOD a Reality at your Agency

Chris Collura

Videos
Webinars
No more Passwords! Hassle-Free Wi-Fi Access

On Demand

No more Passwords! Hassle-Free Wi-Fi Access

On Demand

Learn how you can avoid angry tweets to the Chancellor about the hassle of password resets and lockouts in our upcoming live webinar. We will discuss how Ruckus Cloudpath software can rid your campus of password tyranny and provide remote secure onboarding to avoid move-in day help desk overload.

Securing Chromebook Classrooms Made Easy

On Demand

Securing Chromebook Classrooms Made Easy

On Demand

Only 52% of online edtech software require encryption of login and personal information. Luckily, Ruckus and Lightspeed can help you deploy your Chromebooks securely, so you can easily monitor and manage them in your classroom hassle-free. Watch our webinar to find out how.

The Swiss Army Knife for Lean IT to Secure Campus Networks

On Demand

The Swiss Army Knife for Lean IT to Secure Campus Networks

On Demand

Fast, reliable Wi-Fi and self-service BYOD access is our proven formula for success. Watch this webinar to learn how our Swiss Army Knife, Ruckus Cloudpath software, can help you provide remote secure onboarding to avoid move-in day help desk overload and rid your campus of password tyranny. 

Hassle-free Access: Passwords, Pre-Boarding & eduroam

On Demand

Hassle-free Access: Passwords, Pre-Boarding & eduroam

On Demand

How many hours per week do you spend on password-related help desk tickets – especially from incoming freshman? Spare an hour, and listen to this webinar to learn how to rid your campus of password tyranny and simplify secure onboarding.

Simple & Secure Onboarding for BYOD

On Demand

Simple & Secure Onboarding for BYOD

On Demand

Listen to Nick Wright, ICT Services Manager for Blackpool & The Fylde College, explain how implementing a secure network with increased capacity ​and a certificate-based security approach solved the challenges that were plaguing his IT staff.

How to Secure Every Device and Protect Your Network

On Demand

How to Secure Every Device and Protect Your Network

On Demand

Learn how the combination of certificates and granular user and device policy management can improve or round out your security implementation—not just for employees but for guests and BYOD users, as well.

Secure Network Onboarding

Wired and Wireless Network Security

What it means:

Network onboarding is the process by which a BYOD, guest or IT-owned device gains access to the network for the first time. Secure network onboarding means doing this in a way that enhances security for users, devices, data, and the network.

Why you should care:

BYOD and guest users often incur frustration with default methods for network onboarding. Default methods such as MAC authentications and conventional PSKs are not intuitive for users, leading to numerous help desk tickets. Default methods of onboarding and authentication are also not secure. An effective system for secure network onboarding improves end-user experience for BYOD users and guests. It relieves IT of the burden of excessive help desk tickets related to network access, and improves IT security as part of a layered protection strategy. Ruckus offers Cloudpath Enrollment System software/SaaS for this purpose.

Related Products and Solutions

Secure Guest Access

Wired and Wireless Network Security

What it means:

Visitors to any environment—schools, colleges, government agencies, retail, hospitality, offices or practically anywhere—arrive expecting easy and secure connectivity for their devices. Secure guest access means allowing visitors (vendors, partners, consultants—visitors of any kind) a way to securely access the internet and/or local network resources services over the wireless or wired network.

Why you should care:

When done right, guest access is a win for both the end-user and the organization providing it. Guest users are more productive when they can get online quickly and easily. Internet connectivity helps the visitor conduct whatever business or activity brings them to your environment, which also benefits the organization. Modern guest access systems let visitors securely self-provision their devices for internet access without IT involvement, avoiding costly and labor-intensive help desk tickets. These systems let IT teams customize network onboarding workflows, which may be sponsor-initiated, sponsor-approved, or entirely self-service. Guests receive their individual login credentials via SMS, email or printed vouchers.

IT teams can customize the onboarding portal so that the look and feel supports the organization’s brand. They can grant access for a specified period depending upon how long the user will remain on site. Guest users typically get internet access only—they don’t see internal network resources. IT gains visibility and control over devices on the network, with the ability to revoke access at any time. An up-front security posture check with remediation further enhances security. 

Related Products and Solutions

Certificate Management

Wired and Wireless Network Security

What it means:

In computer networking, a digital certificate is a document installed on a device that provides the basis for authenticating the device onto the network. Certificate management is the process of managing these digital certificates. This includes processes such as creation, storage, distribution, suspension and revocation. Certificate authorities (CA) are responsible for certificate management and serve as a registration authority for subscriber certificates.

Why you should care:

Digital certificates installed on the device as part of an automated network onboarding process streamline network authentication and make sure that every connection is secure. Users who have installed a certificate on their device during initial onboarding no longer have to take any action to re-authenticate on future connection attempts—the device connects automatically in a process that is transparent to the user. The certificate persists on the device until revoked by IT administrators. Default methods of network onboarding and authentication, such as conventional pre-shared keys and MAC authentication, do not provide the security or user experience benefits of digital certificates distributed via a secure onboarding platform.

Related Products and Solutions

Dynamic Pre-shared Key (DPSK)

Wired and Wireless Network Security

What it means:

Dynamic Pre-Shared Key (DPSK) is a Ruckus-patented technology that delivers secure network access by providing each device and user with a unique login credential. Users access the wired/wireless network using their own personal key, which is provided as part of the network onboarding process. In contrast, with conventional pre-shared keys (PSKs), multiple, or even all, users share the same key.

Why you should care:

Traditional pre-shared keys create a security hole in network defenses because multiple users access the network with the same key. Conventional PSKs do not give IT teams visibility and control over devices on the network or the ability to map access policies to specific users and devices. Users readily share conventional PSKs with others, and IT cannot revoke them for one user without revoking access for all. DPSKs address the security flaws of conventional PSKs to make users, devices, data and the network more secure.

DPSKs are an alternative to digital certificates that provide similar security benefits. They are appropriate in cases where user experience considerations make it impractical to install a digital certificate on the device. This applies in cases where the user will only need network access for a limited time—for example, in the case of guest users.