Identity PSKs or iPSK are unique pre-shared keys created for individuals or groups of users on the same SSID. They allow for the flexibility of using the same SSID for everything PSK related whilst still having different keys and different rights on the network.
Its simplicity removes any complex configuration for the client, and as it is supported on most devices is suited for IoT, BYOD and guest deployments.
Splash Access’ standalone IPSK module integrates with the Meraki portal to create an easy to use secure onboarding system.
While a username and password provides extra security, users may find remembering an extra set of credentials to be cumbersome when trying to get connected, and may be better served by using a private PSK.
Additionally, certain devices may not support WPA2-Enterprise authentication, and would require an additional PSK SSID to be set up to connect to the same network, increasing wireless overhead and compromising on security.
Private / Identity PSK, resolves these issues by acting as a standard WPA2 PSK SSID to clients, while authenticating clients to a central server based on their MAC address and providing a way to assign users and unique device keys, build identity-based groups, and scale them across the network.
With the popularity of mobile devices and the vast expansion of IoT devices growing around us, from surveillance cameras, and point-of sale devices improving our retail experience to sensors and medical devices streamlining hospital performance, it has increasingly forced network administrators to re-think and develop multiple ways to onboard devices to the network, in areas within Healthcare, Education, Government and more.
The ability to segment users, providing a private ‘virtual bubble’ where users can communicate with their devices on the network is an important factor in limiting vulnerability whilst still providing flexibility and control.
An uncomplicated, simplified security for IoT devices is made easier with IPSK.
Within education, a University campus for example, with multiple classrooms and dorms can utilise IPSK to assign devices into unique groups and separate VLANs. This enables students to connect with lecturers, join meetings etc across the campus networks.
VLAN tagging allows for the labelling of the devices with a specific VLAN ID, thereby giving network administrators the ability to manage and regulate switches to allow or disallow traffic from one VLAN to another, with the ability to change the keys on entire groups of devices at the same time.
This results in a far superior content distribution and remote management from several VLANs across multiple campuses.
Through IPSK, wireless devices can be authenticated more securely than the traditional pre-shared keys. Instead, the unique PSK is correlated with the devices MAC address. Identity PSK allows for separate group policies to be assigned within a single SSID based on the PSK used.