Effort Underway to Modernize Network Authentication—Certificate-Based Process Coming to eduroam
Posted Date: October 14, 2024
Northwestern IT is moving forward with the Campus Data Network Authentication Deployment project, which will modernize network authentication at Northwestern and ensure all devices accessing the eduroam wireless network, as well as our other secure networks, connect through a seamless experience while prioritizing the safety of University and user data. IT teams across the University are currently testing the new authentication process, which will be rolled out to all eduroam users. The project will streamline connecting to eduroam by moving from a NetID-based sign-in process to a certificate-based model.
Transitioning to the new process will require users to follow a guided process that automatically installs a new security certificate on any personal device they plan to connect to the eduroam Wi-Fi network. The certificate installation process will automatically configure appropriate settings for each device and will prevent users from having to log back into the network after changing their password. Devices will be recognized for five years if the user continues to have an active NetID. The change will not affect the sign-in process for any University applications. University-owned devices managed by school or unit IT will automatically receive new certificates; no user-initiated steps are required for those devices.
The first phase of this project to enable the new authentication method on eduroam will run through fall 2025 when the old authentication method will be disabled. Later in FY25, work will begin enabling authentication on wired network connections in select locations.
The updated authentication process will pave the way for further security enhancements with the later establishment of role-based access control (RBAC) for users and devices signing into the network. This change will allow special access and permissions to move with users and devices connected anywhere on the University network.
Northwestern IT will continue to collaborate with campus IT partners on the project's next steps and will notify users before the deployment of the new protocols begins. Stay tuned for more information, and review the project web page for updates.