Network Access Control Solution for Secure Mobile Device Authentication

Certificate-Based Wireless Access for Managed iOS and Android Tablets Using Juniper Mist Access Assurance

The Challenge: Securing Wireless Access for Organization-Owned Mobile Devices

This North Carolina-based water authority needed to improve the security of its wireless network access for organization-owned mobile tablets used throughout daily operations. The organization relied on both iOS and Android tablets to access internal applications and resources, but its existing authentication process depended on traditional username and password credentials— an approach increasingly viewed as vulnerable to unauthorized access and credential compromise.

While the organization’s Apple devices were already managed through Microsoft Intune, Android tablets lacked equivalent policy enforcement and centralized authentication controls. In addition, the water authority needed a solution that would restrict access to authorized corporate-owned devices only, preventing personal or unmanaged devices from connecting to sensitive internal network resources.

To address these challenges, the organization sought a scalable network access control deployment that would eliminate dependence on user-based authentication and instead enforce secure, policy-driven access using certificate-based authentication.

The Solution: Certificate-Based Network Access Control with Juniper Mist

Data Networks delivered a comprehensive network access control solution leveraging Juniper Mist Access Assurance to provide secure, policy-based wireless authentication for managed mobile devices.

The solution centered around the creation of a new secure wireless network dedicated specifically to company-owned mobile tablets. Working closely with the organization, Data Networks conducted a detailed project kickoff and requirements review to define wireless policies, certificate requirements, and device access controls.

Within the existing Juniper Mist environment, Data Networks:

• Activated the Mist Access Assurance subscription
• Created a new secure wireless LAN and SSID named for mobile device access
• Configured IP addressing, VLAN assignments, and wireless network parameters
• Implemented certificate-based authentication using client-provided SSL certificates and Certificate Authority (CA) infrastructure

To strengthen access control, the engineering team configured:

• User roles and access policies
• VLAN assignment rules for internal network access
• Authentication workflows for managed iOS and Android tablets
• Policy enforcement to block unauthorized or personal devices from accessing the internal wireless network

The new wireless environment enabled tablets to authenticate automatically through device certificates rather than requiring users to enter usernames and passwords. Data Networks then performed validation and testing to confirm successful secure connectivity and access to internal network resources.

The Outcome: Secure, Policy-Based Wireless Access for Mobile Devices

Through this network access control solution, the water authority significantly improved the security posture of its wireless environment while simplifying access for authorized mobile users. By transitioning from traditional credential-based authentication to certificate-based access control, the organization reduced exposure to password-related vulnerabilities and strengthened protection for sensitive internal resources.

The implementation of Juniper Mist Access Assurance enabled centralized policy enforcement and automated authentication for managed iOS and Android tablets, creating a seamless user experience without sacrificing security. At the same time, the solution effectively blocked unauthorized or personal devices from connecting to the internal network. By modernizing wireless authentication and implementing scalable NAC policies, Data Networks delivered a secure and future-ready mobility solution that supports operational efficiency, simplifies device access management, and enhances overall network security. Ongoing management through the water authority’s existing Managed IT Services agreement ensures continued monitoring, support, and policy administration as the environment evolves.

Tags: SLG, local, government, networking