Axians is leading the way in helping organizations transition to a more secure and scalable approach to Wi-Fi authentication by moving certificate management from traditional on-premises infrastructure to the cloud.
Organizations are increasingly shifting from traditional, on-premises managed devices to cloud-managed endpoints. This shift fundamentally changes how certificates are deployed—especially with the growing adoption of cloud-managed services and secure networking.”
Marcel Koedijk
Network Consultant at Axians Alkmaar, Netherlands
Koedijk, a specialist in Aruba Networks solutions, witnesses firsthand how legacy methods like WPA2-Personal fall short in terms of security. “With WPA2-Personal, anyone who knows the password can access the network—including ex-employees or unmanaged devices,” he notes. “That poses a serious security risk most organizations cannot afford.”
To address this challenge, many businesses are adopting WPA3-Enterprise with EAP authentication. However, Koedijk emphasizes that the most commonly used method, PEAP-MSCHAPv2, is inherently flawed. “It has been insecure since 1999. Yet it’s still widely used because it’s simple to set up,” he explains. “That’s why we strongly recommend certificate-based authentication using EAP-TLS—it’s the gold standard.”
Traditionally, certificates were issued through complex on-premises PKI infrastructures involving multiple servers, group policies, and firewalls. But as devices increasingly move under Microsoft Intune management, this model no longer fits. “You have to manage inbound firewall ports, maintain legacy servers—it’s complex, expensive, and introduces additional risk,” Koedijk explains.
The solution? A cloud-based PKI such as SCEPman.
Koedijk and his team now recommend solutions like Microsoft Cloud PKI, SCEPman, and Aruba Central Cloud PKI, depending on the size and specific needs of the organization.
“SCEPman is a standout solution,” Koedijk says. “It supports a wide range of devices, integrates seamlessly with Azure, includes OCSP for revocation checks, and eliminates the need for on-premises servers. For a 500-user environment, the cost is approximately €0.86 per user per month.”
For smaller environments or Bring Your Own Device (BYOD) use cases, Aruba Central Cloud PKI offers a streamlined alternative. “Setup takes less than 30 minutes,” Koedijk explains. “Users onboard their devices via a user-friendly portal, authenticate through Microsoft Entra ID, and receive a certificate in just a few steps.”
The true value of these technologies lies in their practical implementation—an area where Axians adds significant value.
At Axians, customers benefit not only from optimal solution design, but also from our deep expertise in secure infrastructure and identity management. We take care of the integration, automation, and ongoing support—so organizations can focus on their core business.”
Marcel Koedijk
The result is enhanced security, reduced operational overhead, and faster deployment timelines. “Cloud-based PKI solutions allow you to scale without complexity,” Koedijk concludes. “And with Axians, you avoid the learning curve, reduce internal workload, and gain a trusted partner to keep your infrastructure secure and future-ready.”