How to Setup a Captive Portal for BYOD Devices – Part 3

Setting up a captive portal can be an effective way to filter and manage BYOD devices. This technique is useful when a BYOD device is not managed by a domain controller, but you still want to identify the student, and apply their specific group policy.

Start by considering the following:

• Are you performing SSL decryption on your network? If so, this may determine the method you use to identify users with the captive portal.
• If so, do you have a plan for how you will ask BYOD device holders to install your SSL certificate?

Then, review the following prerequisites:

• Confirm that you have per-user filtering with a defined client/group structure
• Review your Netsweeper deployment architecture and what functionality is available to you.
  • e.: HTTPS cookie injection (used in some captive portal configurations) requires NSProxy and SSL decryption.
• Confirm which Netsweeper authentication module you will use.
• Confirm that Netsweeper can properly communicate with your authentication source.

Once you are comfortable with the above prerequisites, you’re ready to setup your captive portal:

• Configure the WebAdmin to use the authentication redirect portal.
• Configure filtering groups that will use the authentication redirect functionality.
• Validate that filtering functionality is operating as expected.

Yup, it’s that easy, although if you do run into any hiccups, Netsweeper’s technical support team (support@netsweeper.com) is more than happy to assist.