How Transparent Filtering Works
Transparent filtering only has a small configuration requirement on each device so that it “speaks” to the filter – all network traffic that passes across the Smoothwall Filter is automatically filtered, and after installation of the HTTPS filtering certificate, the secure traffic can be inspected.
How 802.1x BYOD Authentication Works
802.1x BYOD authentication is an advanced form of network-level authentication. It is possible with Smoothwall Filter to implement authentication – similar to connecting to a hotel or conference Wi-Fi – where the user’s details are input to a web page in order to authorize and allow them to connect to Wi-Fi.
However, having to frequently re-enter credentials can be frustrating for users who connect daily to the network.
802.1x on Smoothwall Filter works in combination with an enterprise wireless network to authenticate the user when they connect (often using WPA2-Enterprise security) and stores these credentials on the device.
The device will then automatically reconnect to the wireless when in range and provide the credentials without any action needed by the user.
Authentication and Filtering on Student’s Own Devices
Step 1 – Student connects to the school’s wireless network.
Step 2 – The wireless network sends back an authentication request and the client provides username and password credentials.
Step 3 – The wireless network validates credentials with a directory service (i.e., Active Directory) using the RADIUS protocol and receives an acceptance message from the directory server indicating the credentials are correct.
Step 4 – The wireless access point allows the device to connect to the network, an IP address is assigned to the device, and Smoothwall is informed of this new connection.
Step 5 – As the user browses the internet, traffic traverses the Smoothwall Filter. The filter knows which filtering policies to apply and with whom to associate the traffic based on the IP address equaling a specific username.
Step 6 – Periodically, the wireless network automatically sends an update to the filter to let it know that the user is still connected.
Step 7 – When the user disconnects, the wireless network sends a stop message to the filter, so that it knows to no longer associates that IP address with the student.
Interested in discussing how to implement BYOD web filtering for your school or district?
Click here to contact us with any questions you have or here to schedule a demonstration of the only content-aware web filter solution for schools.
