Website Based Authentication (WebAuth)

 

Website authentication is the security process that allows users to verify their identities in order to gain access to their personal accounts on a website.

This process occurs behind the scenes any time an individual logs into an online account, including social media profiles, eCommerce sites, rewards programs, online banking accounts, and more.

If your website is one that requires a user to verify their identity to gain access to certain elements (such as a social media network or online retail site) it’s important that users are able to complete the process quickly and easily. 

Cisco’s Wireless LAN Controller(WLC) has two types of web authentication methods:

 Local Web Authentication(LWA) in which the captive portal is present on the WLC itself and client accounts can be on WLC/Identity Services Engine(ISE)/LDAP. Is use in smaller wireless deployment handled by wireless controller

The other method is Cisco’s proprietary Central Web Authentication(CWA) method which uses its WLC, ISE as NAC to authenticate clients through a Web portal hosted on ISE. This method gives a lot of flexibility to  local engineers using which guest accounts can be created for respective site offices/branches.Use in larger wireless deployment with a centralized Radius Database (such as Cisco ISE)

Webauth benefits

• no special client software needed
  
• Familiarity for end users
• Customizable user interface

Webauth Limitations

• not transparent to end user
• not as secure as 802.1x
• lack of single sign-on capabilities