MICROSOFT_PRESS_EBOOK_INTRODUCING_WINDOWS_10
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
With Wi-Fi Sense, Microsoft keeps a list of open networks that are known to be safe and reliable, like<br />
the official hotspots found in airports and shopping malls and hotel lobbies and increasingly in public<br />
areas in cities. When you or your users visit a new place using a Windows <strong>10</strong> device with Wi-Fi Sense<br />
turned on, they’ll never see fake hotspots run by criminals; instead, they’ll connect automatically to the<br />
known network that has established a reputation as safe and reliable.<br />
The Connect To Networks Shared By My Contacts option is designed for use with consumer-grade<br />
Wi-Fi access points and routers that use the WPA2 standard for authentication, with a shared key that<br />
users enter to gain access. As part of the process of connecting to a WPA2-secured home network on a<br />
Windows <strong>10</strong> device, the user has the option to share the connection with contacts and friends.<br />
Sharing a connection this way doesn’t allow the person using that shared connection to re-share<br />
with their friends. For that, they need the passphrase.<br />
On work networks, of course, you shouldn’t be using passphrase-based security. Instead, your<br />
network should be secured using 802.11X authentication with a RADIUS server, so that anyone connecting<br />
to it has to sign in using credentials that you manage. It’s relatively easy to add this setup on a large<br />
corporate network. Smaller businesses can look at a service like JumpCloud (http://jumpcloud.com)<br />
to provide RADIUS-as-a-service at a low cost. (In fact, the service is especially attractive for very small<br />
businesses, because it’s free for up to <strong>10</strong> users.)<br />
The Paid Wi-Fi Services option is a companion piece to a new Windows Store app from Microsoft,<br />
called (naturally) Microsoft Wi-Fi. It uses an industry-standard authentication mechanism to provide<br />
secure access to networks, on a pay-as-you-go basis. This program is still in the process of rolling out,<br />
so it might be some time before you’re able to use this feature in locations you visit regularly.<br />
Making secure connections to corporate networks<br />
Remote networks are, by definition, untrusted. A worker who connects to a free Wi-Fi hotspot in an airport<br />
or uses a hotel’s guest network runs the risk of having the connection intercepted by a malicious<br />
outsider, with potentially devastating consequences for data on a corporate network.<br />
The solution, historically, is to use a virtual private network (VPN), which encrypts the connection<br />
between the corporate network and the remote PC so that packets traveling over the untrusted network<br />
are unreadable by an attacker.<br />
Windows 8 included a basic VPN client. Windows 8.1 added support for a limited selection of VPN<br />
providers, including Check Point, F5, Juniper Networks, and SonicWall, in addition to the Microsoft<br />
client. Windows <strong>10</strong> expands this capability to any VPN solution provider, with distribution through the<br />
Store.<br />
96 CHAPTER 7 Windows <strong>10</strong> networking