Re: WPA2 Enterprise and WPA2 Personal.

abinaya.2.r · ‎03-26-2019

Hi,

We are looking to implement WPA2 Enterprise for Managed Mobile Devices such as iPhone 6 and above. Currently they are using WPA2 Personal.

This is a part of Guest users and traffic for this WLAN is anchored to the anchor WLC(Model:5508 version 8.0.152.0 and 3504 version 8.5)

Do we have any cisco recommended advise or the security benefits detailing security shortfall of current WLAN with security protocol WPA2 Personal being used and benefits to securing the WLAN using WPA enterprise.

Ric Beeching · ‎03-26-2019

It's generally industry recommendation/common sense, not Cisco's, that says where possible use the most secure solution.

WPA2 Personal means a single compromise of the password and your network is vulnerable whereas Enterprise offers much greater levels of security with fewer vulnerabilities, particularly if implemented with something like EAP-TLS.

Are you looking for some wording for project justification?

As a side note - if using Guest with foreign/anchor you should try and use the same software version on both WLCs.

Ric

-----------------------------
Please rate helpful / correct posts

abinaya.2.r · ‎03-28-2019

ok.

So how do I check the compatibility of using WPA2 enterprise on the mobile devices and its compatibility with the AP models and WLC IOS version

Scott Fella · ‎03-28-2019

You need to research the device compatibly to first understand what security method you can use. As far as any wireless solution, majority of aps/controllers support WPA2. This can be found in the data sheet for any vendors products. Know your devices, then you will know what is possible and what is not.

-Scott
*** Please rate helpful posts ***