Aerohive cheat sheets series: This is the next installment in a series of blogs that provide an at-a-glance look at how our technology works – enterprise Wi-Fi architecture as well as supporting features - and the benefits it provides. Last time we covered BYOD management and Aerohive’s Client Health Score. This time we are looking at Aerohive’s PPSK (Private Pre-Shared Keys).
What is PPSK?
- Private PSKs are unique pre-shared keys created for individual users on the same SSID
- This technology allows users to be uniquely identified and authenticated similar to 802.1x/RADIUS providing tighter policy enforcement.
- No complex configuration required for clients, offers the simplicity of traditional PSK.
Why is it important?
- Though using RADIUS is the most secure approach to Wi-Fi authentication, this method can require a large amount of configuration on both the infrastructure and on the devices. This may not be feasible during the initial deployment.
- The next best option has been to use a pre-shared key (a common password for everyone – the same as you use at home). However traditional PSK trades off many of the advantages of RADIUS such as the ability to revoke keys for wireless devices if they are lost, stolen or compromised.
- With traditional PSK you also lose the extra security of having unique keys per user or client device such as policy enforcement for individual users - everyone is treated the same.
- If a person leaves the company, traditional PSK requires that the key be reset for all users, which can be an IT support burden. With Private PSK, just that one user’s key can be revoked.