Technical Guides
Deep, expert-led technical guides on guest WiFi, analytics, captive portals, and venue technology.
444 guides
How to Configure NAC Policies for VLAN Steering in Cisco Meraki
This authoritative guide provides IT leaders, network architects, and venue operations directors with a practical, step-by-step framework for configuring NAC policies and VLAN steering in Cisco Meraki environments. It covers 802.1X implementation, IoT device isolation via MAC Authentication Bypass, and seamless integration with Purple's guest WiFi analytics platform to ensure secure, compliant, and high-performance network segmentation across hospitality, retail, and public-sector deployments.
Best Practices for Securing K-12 School Networks with NAC
This technical reference guide provides actionable strategies for IT leaders to architect, deploy, and manage Network Access Control (NAC) in K-12 school environments. It covers essential topics from 802.1X authentication and VLAN segmentation to handling IoT devices with MAB and MPSK, ensuring robust safeguarding and compliance.
The Impact of MAC Randomization on NAC and How to Overcome It
This guide provides a deep-dive technical reference on the impact of MAC address randomization on Network Access Control (NAC) systems and guest WiFi architectures. It explains the mechanics of per-network and periodic MAC rotation across iOS, Android, and Windows, and details the cascading failures this causes — from captive portal fatigue and DHCP exhaustion to policy enforcement breakdown and inaccurate analytics. IT leaders and network architects will find actionable, vendor-neutral strategies for migrating from device-centric to identity-centric authentication using IEEE 802.1X, Passpoint (Hotspot 2.0), and OpenRoaming, with concrete implementation guidance for hospitality, retail, healthcare, and public-sector environments.
Managing IoT Device Security with NAC and MPSK
This technical guide details how enterprise venues can secure headless IoT devices using Multiple Pre-Shared Key (MPSK) architecture and Network Access Control (NAC). It provides actionable implementation steps for achieving micro-segmentation, containing security blast radii, and maintaining compliance without sacrificing scalability.
Automating Certificate Revocation with OCSP and CRL in a NAC Environment
This technical reference guide provides IT managers and network architects with a comprehensive breakdown of automating certificate revocation in a Network Access Control (NAC) environment. It explores the architectural tradeoffs between OCSP and CRL, offers vendor-neutral implementation guidance, and outlines the business impact of real-time policy enforcement.
Secure Guest Access: Implementing NAC for Unmanaged Devices
This authoritative technical reference guide details the architecture, deployment, and compliance considerations for implementing Network Access Control (NAC) to secure unmanaged guest devices. It provides actionable guidance for IT leaders to achieve secure guest access without compromising corporate infrastructure.
The Role of SCEP and NAC in Modern MDM Infrastructure
This guide provides a comprehensive technical breakdown of how SCEP and NAC integrate with MDM platforms to deliver secure, zero-touch network access at enterprise scale. It covers the full architecture from certificate issuance through 802.1X enforcement, with real-world implementation scenarios from hospitality and retail. Designed for IT leaders at large venues who need to eliminate password vulnerabilities, automate device provisioning, and satisfy compliance requirements this quarter.
NAC Posture Assessment: Ensuring Managed Device Compliance Before Network Access
This technical reference guide provides a deep-dive into NAC Posture Assessment, detailing the architecture, standards, and deployment strategies required to enforce managed device compliance. It equips IT managers and network architects with actionable insights to mitigate risks and ensure secure network access across multi-site enterprise environments.
Improving Network Visibility with NAC and MDM Integration
This technical reference guide details the architecture, integration, and business impact of combining Network Access Control (NAC) with Mobile Device Management (MDM). It provides actionable deployment guidance for IT managers and network architects operating complex multi-use environments like hospitality, retail, and public venues.
Indoor WiFi Positioning Systems: How They Work and How to Deploy Them
This comprehensive guide details the technical architecture, deployment strategies, and business value of WiFi-based indoor positioning systems. It provides network architects and IT directors with actionable guidance on AP placement, RF calibration, and overcoming MAC randomization to deliver precise spatial analytics.
How to Build a Campus WiFi Network: A University IT Guide
This technical guide provides a comprehensive blueprint for designing and deploying high-density campus WiFi networks, covering everything from active site surveys and access point placement to controller architecture, seamless roaming, and secure guest onboarding. It is written for IT managers, network architects, and CTOs at universities and large venues who need actionable guidance to plan and execute a wireless deployment this quarter. The guide also maps Purple's Guest WiFi and analytics platform to real integration points within the deployment lifecycle.
How to Set Up a WiFi Hotspot for Your Business
This authoritative guide provides IT leaders, network architects, and venue operations directors with a practical, vendor-neutral blueprint for deploying secure, compliant, and business-enhancing guest WiFi hotspots. It covers critical architecture decisions—from VLAN segmentation and captive portal configuration to GDPR compliance and traffic shaping—and demonstrates how to transform network infrastructure from a cost centre into a revenue-driving analytics platform using Purple's Guest WiFi and analytics capabilities.
What Is MAC Address Authentication? When to Use It and When to Avoid It
This authoritative technical reference guide covers MAC address authentication in enterprise WiFi environments — how RADIUS-based MAC authentication works at Layer 2, its inherent security vulnerabilities (including MAC spoofing and the impact of OS-level MAC randomisation), and the precise operational contexts where it remains a valid tool for managing IoT and headless devices. It provides actionable deployment guidance for IT managers and network architects across hospitality, retail, healthcare, and public-sector venues, with real-world worked examples, decision frameworks, and integration context for Purple's guest WiFi and analytics platform.
RadSec: How RADIUS over TLS Improves WiFi Authentication Security
This authoritative technical reference explains how RadSec (RFC 6614) secures enterprise WiFi authentication by wrapping traditional RADIUS traffic in TLS encryption. Designed for IT managers and network architects, it covers architecture, deployment strategies, and practical steps to mitigate the risks of unencrypted UDP RADIUS traffic across corporate and guest networks.
How to Set Up Enterprise WiFi on iOS and macOS with 802.1X
This authoritative guide provides senior IT leaders with actionable steps for deploying 802.1X enterprise WiFi on iOS and macOS devices. It covers certificate-based authentication (EAP-TLS), MDM configuration profiles, and architecture integration to secure corporate networks while supporting BYOD initiatives.
How to Set Up Enterprise WiFi on Android Devices with EAP-TLS
This technical reference guide provides senior IT leaders with a comprehensive blueprint for deploying 802.1X EAP-TLS authentication on Android devices. It covers the architectural mechanics, manual and MDM-driven implementation strategies, and troubleshooting methodologies necessary to secure enterprise wireless networks.
How to Use Microsoft Intune to Push WiFi Certificates to Devices
A comprehensive technical reference for IT leaders on deploying 802.1X WiFi certificates via Microsoft Intune. Covers SCEP vs PKCS architecture, implementation steps, compliance mapping, and real-world deployment scenarios for enterprise environments.
How to Set Up Azure Entra ID (Azure AD) for WiFi Authentication
This authoritative guide details the architecture, implementation steps, and business impact of integrating Azure Entra ID with 802.1X for enterprise WiFi authentication. It provides network architects and IT managers with practical deployment strategies, replacing legacy PSKs with zero-trust, certificate-based network access.
How to Configure WPA2-Enterprise on Common Access Point Platforms (Cisco, Aruba, Ubiquiti)
This technical reference guide provides senior IT professionals and network architects with a definitive, vendor-specific walkthrough for deploying WPA2-Enterprise on Cisco, Aruba, and Ubiquiti platforms. It details architecture, RADIUS integration, compliance requirements, and real-world deployment scenarios across enterprise and venue environments.
How to Set Up a RADIUS Server for WiFi Authentication
This authoritative guide provides IT leaders and network architects with a comprehensive blueprint for deploying a RADIUS server for enterprise WiFi authentication. It covers the architectural trade-offs between on-premise and cloud-hosted deployments, EAP method selection, Active Directory integration, and dynamic VLAN assignment. Venue operators and IT teams will find actionable implementation steps, real-world case studies, and risk mitigation strategies to move from an insecure PSK environment to a robust 802.1X infrastructure this quarter.
How to Configure 802.1X WiFi Authentication: A Step-by-Step Guide
This technical guide provides a step-by-step walkthrough for configuring 802.1X enterprise WiFi authentication. It covers RADIUS server setup, certificate deployment, and practical deployment strategies for IT leaders across high-footfall venues.
How Shopping Centres Use WiFi Analytics to Attract and Retain Retailers
This authoritative technical reference guide explains how shopping centre IT teams and property managers deploy WiFi analytics to capture footfall data, measure dwell time by zone, and build the empirical evidence base needed to negotiate leases, retain premium retailers, and attract new tenants. It covers the full technical stack from AP deployment and MAC-layer data capture through to GDPR-compliant analytics dashboards, with concrete worked examples and decision frameworks for IT practitioners ready to implement this quarter.
Shopping Centre WiFi: A Property Manager's Guide
This guide provides a comprehensive technical and commercial blueprint for deploying estate-wide WiFi across a shopping centre. It covers three-tier network architecture, high-density RF design, GDPR-compliant data capture, and retail media monetisation strategies. Property managers, IT teams, and CTOs will find actionable deployment guidance alongside a clear ROI framework for transforming guest connectivity into a first-party data asset.
Zoo and Theme Park WiFi: High-Footfall Venue Connectivity Guide
This guide provides IT leaders and network architects with a comprehensive framework for deploying high-performance WiFi across zoos and theme parks. It covers outdoor RF planning, captive portal deployment, family-safe content filtering, and strategies for turning connectivity into actionable operational analytics.