Purple vs Cloud4Wi: Captive Portal e WiFi Marketing Comparados

Este guia de referência técnica oferece uma comparação direta e lado a lado da Purple e da Cloud4Wi para implementações de captive portal e WiFi marketing empresariais. Abrange a paridade de funcionalidades, diferenças nos modelos de preços, considerações arquitetónicas, amplitude de integração e requisitos de conformidade para ajudar gestores de TI, arquitetos de rede e CTOs a tomar uma decisão informada na seleção. O guia inclui cenários de implementação reais dos setores da hotelaria e retalho, um diagrama de arquitetura Mermaid completo e um podcast de 10 minutos para executivos.

📖 7 min de leitura📝 1,656 palavras🔧 2 exemplos❓ 3 perguntas📚 9 termos-chave

🎧 Ouça este Guia

Ver Transcrição

Welcome to the Enterprise Network Briefing. Today we're tackling a decision that sits right at the intersection of IT infrastructure and marketing strategy: choosing the right captive portal and guest WiFi analytics platform. Specifically, we are doing a deep-dive comparison of two major players: Purple and Cloud4Wi. If you're a CTO, a network architect, or an operations director evaluating these platforms for your venues — whether that's a retail chain, a hotel group, or a large stadium — this briefing is for you. We're cutting through the marketing material to look at feature parity, architectural differences, and, crucially, how their pricing models dictate their deployment speed. Let's get into it.

First, let's establish the baseline. Both Purple and Cloud4Wi are enterprise-grade, cloud-based overlays. They are hardware-agnostic. Whether you're running Cisco Meraki, Aruba, Fortinet, or Ruckus, both platforms will integrate with your existing wireless LAN controllers via RADIUS and API connections. You don't need to rip and replace your access points. Both provide highly customisable captive portals, supporting multiple languages, social logins, and compliance with frameworks like GDPR and CCPA. So, where do they diverge? It comes down to their core philosophy and commercial models.

Let's talk about Purple first. Purple's strategy is built on market disruption through rapid deployment and transparent pricing. Their foundational tier, called Connect, is entirely free. It gives you a secure captive portal, branded splash pages, network analytics, and compliance. This is a massive advantage for IT teams that need to stand up a compliant guest network quickly without fighting through a six-month enterprise procurement cycle. Once deployed, venues can upgrade to the Capture or Engage tiers to unlock deep CRM integrations — Purple boasts over four hundred native connectors — and built-in marketing automation. Purple's focus is on turning anonymous footfall into actionable, first-party data as quickly and efficiently as possible. Furthermore, Purple acts as a free identity provider for OpenRoaming, which is a significant step toward seamless, secure connectivity across federated networks.

Now, let's look at Cloud4Wi. Cloud4Wi operates on a much more traditional enterprise software model. There is no free tier, and there is no transparent pricing on their website. Every deployment requires a custom quote and engagement with their sales team. This model reflects their focus on complex, highly customised deployments. Where Cloud4Wi really stakes its claim is in Real-Time Location Services, or RTLS. While Purple provides excellent footfall and dwell time analytics, Cloud4Wi's architecture is deeply integrated with granular location tracking. If your primary use case involves highly precise indoor positioning to optimise physical floor plans or trigger hyper-localised experiences, Cloud4Wi offers a very robust, albeit complex, solution. Their platform is trusted by over one hundred and fifty million users across seventy thousand enterprise locations in one hundred and fifty countries, which demonstrates their scale and enterprise credibility.

Now let's get into the technical architecture. Both platforms intercept a user's initial HTTP request when they connect to an open SSID, redirecting them to the captive portal splash page. This is achieved through a combination of DNS redirection and RADIUS-based access control on the wireless LAN controller. The key configuration requirement on your side is the Walled Garden. This is the set of domains and IP addresses that a device can access before authentication is complete. You need to ensure that all resources required by the portal — including social login APIs, CSS frameworks, and any Passpoint profile servers — are allowlisted in your Walled Garden configuration. Getting this wrong is the single most common cause of portal rendering failures.

Authentication methods are broadly comparable between the two platforms. Both support social login via providers like Facebook and LinkedIn, custom registration forms with configurable fields, and one-time passcodes via SMS or email. Both platforms also support Passpoint, also known as Hotspot 2.0, which is the IEEE 802.11u standard for seamless WiFi onboarding. Passpoint is critical for enterprise deployments because it transitions users from the initial captive portal interaction to a certificate-based, WPA2 or WPA3-Enterprise encrypted connection. This means that on all subsequent visits, the device connects automatically and securely without requiring the user to interact with the portal again.

This brings us to one of the most important technical challenges in the space: MAC address randomisation. Since iOS 14 and Android 11, smartphones generate a random MAC address for each network they connect to. This is a privacy feature, but it completely undermines MAC-based analytics and loyalty tracking. If your guest WiFi strategy relies on recognising returning visitors by their device's hardware address, you are already working with unreliable data. The solution is Passpoint. By using certificate-based identity rather than MAC addresses, you can accurately identify returning visitors regardless of their device's privacy settings. Both Purple and Cloud4Wi support this, but it requires deliberate configuration and user prompting during the initial portal interaction.

Let's talk about the integration ecosystem, because this is where the day-to-day operational impact is felt most acutely. Purple's four hundred plus native connectors cover virtually every major CRM, marketing automation platform, and loyalty system. Salesforce, HubSpot, Microsoft Dynamics, Mailchimp, ActiveCampaign — they're all there. This means that captured first-party data flows directly into your existing marketing stack without requiring custom development. For organisations that have already invested in a marketing technology stack, this is a significant operational advantage.

Cloud4Wi's integration story is more focused on enterprise-grade systems and their own platform ecosystem. They have strong integrations with Cisco infrastructure, which is unsurprising given their partnership history. For organisations running large Cisco deployments, this tight integration can simplify the overall architecture. However, the breadth of out-of-the-box connectors is narrower than Purple's offering.

Now let's move to implementation recommendations. When deploying either platform, start with a thorough network audit. Document your SSID architecture, VLAN segmentation, and RADIUS server configuration before touching the captive portal platform. Guest traffic must be completely isolated from corporate traffic at the VLAN level. This is not just a security best practice — it's a compliance requirement under PCI DSS if your venue processes card payments anywhere on the same physical network.

For the captive portal user journey, keep it simple. Every additional field you add to a registration form reduces your completion rate. A name and email address is the minimum viable data set for most marketing use cases. Use progressive profiling — capture the basics at first login, then use follow-up surveys or portal prompts on subsequent visits to enrich the profile. Purple's Surveys add-on is particularly useful here, achieving a ninety-seven percent average response rate according to their published data.

Now let's do a rapid-fire section on common scenarios. Scenario one: You have two hundred retail stores and need to start capturing customer emails for a new loyalty programme by next month. Which platform? Purple. The transparent pricing and ability to instantly deploy the Connect tier, then upgrade to Capture, fits the aggressive timeline perfectly. Cloud4Wi's enterprise sales cycle would likely miss the deadline.

Scenario two: You are managing a large international airport and need granular, real-time tracking of passenger flow to optimise security queue staffing. Budget is secured. Which platform? Cloud4Wi. Their deep RTLS capabilities are designed exactly for this type of complex, location-centric enterprise requirement.

Scenario three: A hotel group needs a guest WiFi solution that integrates with their existing Salesforce CRM and sends automated post-stay satisfaction surveys. Which platform? Purple. The native Salesforce connector and Surveys add-on make this a straightforward deployment with no custom development required.

Finally, let's talk about migration. If you're currently on one platform and considering switching, the key data to export is your authenticated user database — specifically email addresses and consent records. Both platforms can import existing user databases, but you must ensure that the consent records are portable and that the import process maintains the original consent timestamp and scope. Failing to do this correctly could result in a GDPR compliance breach, as you would be processing data without a valid legal basis.

To summarise the key takeaways from this briefing. First, Purple offers a disruptive, transparent pricing model starting with a robust free Connect tier, while Cloud4Wi relies on custom enterprise quoting. Second, both platforms are hardware-agnostic and integrate via RADIUS, but Purple excels in rapid deployment and built-in marketing automation. Third, Cloud4Wi provides deep Real-Time Location Services capabilities, suited for complex, location-centric enterprise deployments. Fourth, Purple features over four hundred native connectors, simplifying the process of piping first-party data into existing CRM and marketing stacks. Fifth, implementing Passpoint is critical for both platforms to mitigate the analytics disruption caused by MAC randomisation on modern smartphones. And sixth, always ensure your Walled Garden configuration is complete before going live — it is the most common cause of portal failures.

That's it for today's briefing. If you're at the shortlist stage evaluating these two platforms, the decision framework is straightforward: Purple for speed, transparency, and marketing automation; Cloud4Wi for deep location intelligence and complex enterprise customisation. Thanks for listening, and we'll see you on the next one.

Principais Conclusões

✓Purple offers a disruptive, transparent pricing model starting with a robust free 'Connect' tier, while Cloud4Wi relies on traditional, custom enterprise quoting with no self-service option.
✓Both platforms are hardware-agnostic and integrate via RADIUS, but Purple excels in rapid deployment, built-in marketing automation, and a 400+ connector integration ecosystem.
✓Cloud4Wi provides deep Real-Time Location Services (RTLS) capabilities, making it the stronger choice for complex, location-centric enterprise deployments such as airports and large stadiums.
✓Implementing Passpoint (Hotspot 2.0) is critical for both platforms to mitigate the analytics disruption caused by MAC address randomisation on modern iOS and Android devices.
✓Purple acts as a free identity provider for OpenRoaming under its Connect licence, enabling seamless, secure connectivity for users across participating venues globally.
✓An incomplete Walled Garden configuration on the wireless LAN controller is the single most common cause of captive portal rendering failures — verify this before going live.
✓For organisations at the shortlist stage: choose Purple for speed, transparency, and marketing ROI; choose Cloud4Wi for deep location intelligence and complex enterprise customisation.

Resumo Executivo

Ao avaliar plataformas de WiFi para convidados empresariais, os líderes de TI e arquitetos de rede são frequentemente forçados a escolher entre sistemas complexos e rígidos e ferramentas leves que não conseguem escalar. Tanto a Purple como a Cloud4Wi emergiram como players dominantes no espaço de captive portal e WiFi analytics, mas abordam o mercado com filosofias fundamentalmente diferentes. A Purple impulsiona a disrupção do mercado através do seu nível gratuito "Connect" e preços transparentes, funcionando como um fornecedor de identidade gratuito para serviços como o OpenRoaming, enquanto oferece um robusto motor de marketing e analytics de Guest WiFi . A Cloud4Wi, por outro lado, mantém um modelo de vendas empresarial tradicional com uma forte ênfase em Real-Time Location Services (RTLS) e implementações personalizadas.

Este guia oferece uma comparação direta e técnica de Purple vs Cloud4Wi. Dissecamos as capacidades do captive portal, ecossistemas de integração, estruturas de conformidade e modelos de preços. Para CTOs e diretores de operações de espaços que gerem Retalho , Hotelaria ou grandes espaços públicos, a decisão depende se a sua prioridade é a implementação rápida com automação de marketing integrada (Purple) ou implementações empresariais altamente personalizadas e centradas na localização (Cloud4Wi).

Análise Técnica Detalhada: Arquitetura e Capacidades Essenciais

Ambas as plataformas operam como sobreposições baseadas na cloud e agnósticas de hardware que se integram com a sua infraestrutura wireless existente — Cisco, Fortinet, Aruba, Ruckus — através de RADIUS e ligações API. Não é necessária a substituição de pontos de acesso. No entanto, os seus conjuntos de funcionalidades divergem significativamente ao examinar a experiência do captive portal e o tratamento de dados a jusante.

Captive Portal e Autenticação

O captive portal é o ponto de ingestão crítico para dados de primeira parte. A Purple oferece um portal altamente personalizável que suporta mais de 25 idiomas com deteção automática de dispositivos. Oferece diversos métodos de autenticação, incluindo login social (Facebook, X, LinkedIn), formulários personalizados, click-to-connect e integração Passpoint contínua. Crucialmente, a autenticação baseada em perfis da Purple suporta uma rede de mais de 440 milhões de utilizadores em todo o mundo, permitindo um roaming sem atritos em espaços participantes sem interações repetidas no portal.

A Cloud4Wi também oferece uma personalização robusta do captive portal, suportando múltiplas opções de login, incluindo OTPs e SSO empresarial. Eles também enfatizam o onboarding Passpoint para fazer a transição de utilizadores de redes abertas para ligações seguras e encriptadas. Embora ambas as plataformas atinjam paridade na funcionalidade básica do captive portal, a automação de marketing integrada da Purple e os fluxos de trabalho transparentes de captura de dados fornecem um caminho mais imediato para o ROI para as equipas de marketing.

Analytics e Integração de Dados

A utilidade dos dados é onde as plataformas se diferenciam mais claramente. A plataforma de WiFi Analytics da Purple foi projetada para transformar o tráfego anónimo em dados de CRM acionáveis. Com mais de 400 conectores nativos, a Purple envia dados capturados de forma contínua para plataformas como Salesforce, HubSpot e Microsoft Dynamics. O nível "Engage" inclui automação de marketing integrada, permitindo que os espaços acionem comunicações personalizadas com base no tempo de permanência, frequência de visitas e perfis demográficos.

A Cloud4Wi posiciona-se fortemente no espaço de Real-Time Location Services (RTLS). Enquanto a Purple oferece excelentes analytics de tráfego e tempo de permanência, a arquitetura da Cloud4Wi está profundamente integrada com o rastreamento de localização, oferecendo visibilidade granular dos padrões de movimento dos visitantes. Para ambientes que exigem capacidades precisas de Indoor Positioning System — como grandes aeroportos ou centros comerciais de vários andares — a Cloud4Wi oferece uma solução atraente, embora complexa.

Modelos de Preços: Disrupção vs Empresa Tradicional

O contraste mais marcante entre a Purple e a Cloud4Wi reside nas suas estratégias comerciais.

A Purple emprega um modelo de preços transparente e por níveis, projetado para reduzir o atrito e acelerar a implementação. O nível fundamental, "Connect", é totalmente gratuito, fornecendo um captive portal seguro, páginas de splash personalizadas, analytics de rede e conformidade com o GDPR. Este nível efetivamente comoditiza o WiFi básico para convidados, permitindo que as equipas de TI implementem uma solução em conformidade imediatamente, sem um ciclo de aquisição. As organizações podem então fazer upgrade para os níveis "Capture" ou "Engage" para integração avançada de CRM, insights comportamentais e automação de marketing.

A Cloud4Wi opera com um modelo de software empresarial tradicional. Os preços são totalmente personalizados, exigindo o contacto com a sua equipa de vendas para um orçamento. Não existe um nível gratuito ou registo self-service. Esta abordagem alinha-se com o seu foco em implementações complexas e em larga escala, mas apresenta uma barreira significativa à entrada para organizações que procuram implementações rápidas de prova de conceito ou previsão de custos transparente.

Dimension	Purple	Cloud4Wi
Modelo de Preços	Níveis transparentes; nível de entrada gratuito	Orçamento empresarial personalizado
Nível Gratuito	Sim (Connect)	Não
Registo Self-Service	Sim	Demonstração necessária
Automação de Marketing	Integrada (plano Engage)	Via integrações de terceiros
Conectores CRM	400+ nativos	Empresariais selecionados
RTLS / Serviços de Localização	Focado em Analytics	Motor RTLS completo
Suporte Passpoint	Sim (plano Engage)	Sim (nativo)
OpenRoaming	Sim (fornecedor de identidade gratuito)	Sim
Agnóstico de Hardware	Sim	Sim
Conformidade GDPR / CCPA	Sim	Sim
Assistente de IAnt	Não	Sim (Hedy)
Filtragem de Conteúdo	Sim (add-on Shield)	Não

Guia de Implementação

A implementação de um captive portal empresarial requer uma coordenação cuidadosa entre as equipas de engenharia de rede e de marketing. Independentemente da plataforma escolhida, os seguintes passos garantem uma implementação segura, compatível e de alto desempenho.

Passo 1 — Auditoria e Segmentação da Rede. Documente a sua arquitetura de SSID, segmentação de VLAN e configuração do servidor RADIUS antes de intervir na plataforma do captive portal. O tráfego de convidados deve ser completamente isolado do tráfego corporativo ao nível da VLAN. Esta não é apenas uma boa prática de segurança; é um requisito de conformidade ao abrigo do PCI DSS se o seu local processa pagamentos com cartão na mesma rede física.

Passo 2 — Configuração do Walled Garden. O Walled Garden define os domínios e intervalos de IP que um dispositivo pode aceder antes da autenticação estar completa. Certifique-se de que todos os recursos exigidos pelo portal — APIs de login social, frameworks CSS, servidores de perfil Passpoint e o próprio domínio do portal — estão na lista de permissões do seu controlador de LAN sem fios. Um Walled Garden incompleto é a causa mais comum de falhas na renderização do captive portal.

Passo 3 — Conformidade e Design de Consentimento. A recolha de dados primários introduz obrigações ao abrigo do GDPR, CCPA e frameworks de privacidade regionais. Certifique-se de que o captive portal solicita explicitamente o consentimento para o processamento de dados e comunicações de marketing antes da autenticação. Evite caixas de consentimento pré-selecionadas. Tanto a Purple como a Cloud4Wi fornecem gestão de consentimento nativa, mas a linguagem de opt-in específica e a granularidade devem ser configuradas pela sua equipa jurídica.

Passo 4 — Transição Passpoint. Utilize o login inicial do captive portal para solicitar aos utilizadores que descarreguem um perfil Passpoint. Em todas as visitas futuras, o seu dispositivo autenticar-se-á automaticamente utilizando a encriptação WPA2/WPA3-Enterprise, ignorando o portal por completo. Esta é a mitigação definitiva para problemas de aleatorização de endereços MAC e melhora significativamente a experiência do visitante que regressa.

Passo 5 — Integração CRM e Teste de Fluxo de Dados. Antes de entrar em funcionamento, valide o fluxo de dados de ponta a ponta, desde o registo no portal até à criação de registos no CRM. Teste casos extremos, incluindo o tratamento de e-mails duplicados, a propagação de sinalizadores de consentimento e o mapeamento de campos. Os mais de 400 conectores nativos da Purple simplificam consideravelmente este passo em comparação com as integrações de API personalizadas.

Melhores Práticas

Várias práticas padrão da indústria aplicam-se independentemente da seleção da plataforma. Primeiro, minimize os campos do formulário de registo. Cada campo adicional obrigatório reduz mensuravelmente as taxas de conclusão; um nome e um endereço de e-mail são o conjunto mínimo de dados viáveis para a maioria dos casos de uso de marketing. Utilize o perfil progressivo para enriquecer os registos ao longo de visitas subsequentes, em vez de sobrecarregar a experiência de registo inicial.

Segundo, implemente a monitorização da rede para a latência RADIUS. A alta latência entre o controlador de LAN sem fios e os servidores RADIUS na cloud causa timeouts de autenticação e uma má experiência do utilizador. Monitorize os tempos de resposta RADIUS e considere configurações RADIUS redundantes se o seu hardware o suportar.

Terceiro, alinhe os seus padrões de infraestrutura WiFi com a sua escolha de plataforma. Se estiver a avaliar Wi-Fi 6E vs Wi-Fi 7 para uma nova implementação, certifique-se de que a plataforma de captive portal escolhida é testada e certificada para o hardware que está a implementar. Tanto a Purple como a Cloud4Wi são agnósticas em relação ao hardware, mas ambientes densos e de alto débito exigem um planeamento RF cuidadoso para garantir que a experiência do portal não é degradada pelo congestionamento da rede.

Resolução de Problemas e Mitigação de Riscos

Mesmo com plataformas robustas, as implementações de captive portal encontram modos de falha previsíveis. Compreendê-los antecipadamente reduz significativamente o tempo médio de resolução.

Portal Não Renderiza. Mais comummente causado por um Walled Garden incompleto. Reveja a documentação do fornecedor e certifique-se de que todos os domínios necessários estão na lista de permissões. Verifique se existem regras de firewall excessivamente agressivas que possam estar a bloquear os redirecionamentos HTTP utilizados para acionar o portal.

Timeouts de Autenticação. Tipicamente causados por alta latência ou perda de pacotes entre o WLC e o endpoint RADIUS na cloud. Monitorize os tempos de resposta RADIUS e verifique se existem problemas de caminho de rede entre o seu site e a infraestrutura cloud do fornecedor.

Desconexões por Aleatorização de MAC. Smartphones modernos rodam os endereços MAC, quebrando a persistência da sessão e forçando interações repetidas com o portal. A mitigação estratégica é a implementação do Passpoint, que utiliza identidade baseada em certificado em vez de endereços MAC.

Dados Não Aparecem no CRM. Geralmente causados por mapeamentos de campos mal configurados ou falhas de autenticação da API. Verifique se os tokens OAuth e as chaves API não expiraram e consulte os registos de erros da integração tanto no dashboard da plataforma WiFi como no CRM.

Falhas na Auditoria de Consentimento GDPR. Certifique-se de que a plataforma está a armazenar os carimbos de data/hora do consentimento, o âmbito do consentimento e a versão específica do portal apresentada no momento do consentimento. Tanto a Purple como a Cloud4Wi fornecem registos de auditoria de consentimento, mas estes devem ser configurados e retidos de acordo com a sua política de retenção de dados.

ROI e Impacto no Negócio

A medida máxima de uma plataforma de captive portal é a sua capacidade de gerar valor de negócio mensurável. A abordagem da Purple foca-se num rápido tempo de valorização através do seu nível Free Connect e automação de marketing integrada. Locais em Saúde ou Transporte podem rapidamente estabelecer uma rede compatível e começar a recolher dados para impulsionar programas de fidelidade ou monetização de media de retalho. A Purple reporta um ROI médio de 873% na sua base de clientes, impulsionado principalmente pela recolha de dados primários e campanhas de marketing automatizadas.

A proposta de valor da Cloud4Wi está ligada a análises de localização aprofundadas e integrações empresariais complexas. A sua implementação de retalho Guessment demonstra a escala do potencial: 35.000 contactos com consentimento capturados por mês e mais de um milhão de "momentos" de localização em tempo real revelados anualmente. Embora o investimento inicial e o tempo de implementação sejam mais elevados, as organizações que exigem dados RTLS granulares para otimizar plantas ou desencadear experiências altamente localizadas podem considerar o investimento justificado.

Para organizações que avaliam as implicações da Arquitetura da Internet das Coisas da sua implementação de WiFi — particularmente aquelas que integram análises de WiFi com redes de sensores mais amplas — as capacidades RTLS da Cloud4Wi fornecem uma camada de dados mais rica. Purple, no entanto, continua a ser a escolha mais forte para organizações que priorizam o ROI de marketing, a amplitude de integração e a velocidade de implementação.

Termos-Chave e Definições

Captive Portal

A web page that intercepts a user's web browser when attempting to connect to a public WiFi network, requiring interaction — authentication, payment, or accepting terms — before granting internet access.

The primary mechanism for capturing first-party data and ensuring legal compliance on guest networks. Both Purple and Cloud4Wi use captive portals as the entry point for their data capture and analytics pipelines.

Passpoint (Hotspot 2.0)

An industry standard (IEEE 802.11u) that streamlines network access, allowing devices to automatically and securely connect to WiFi networks using enterprise-grade WPA2/WPA3 encryption without requiring manual captive portal logins after the initial profile installation.

Essential for providing a cellular-like roaming experience and mitigating the impact of MAC address randomisation on analytics. Both Purple and Cloud4Wi support Passpoint, but it requires deliberate configuration.

RADIUS (Remote Authentication Dial-In User Service)

A networking protocol that provides centralised Authentication, Authorisation, and Accounting (AAA) management for users who connect and use a network service.

The core protocol used by both Purple and Cloud4Wi to communicate with the venue's wireless infrastructure to grant or deny internet access following captive portal authentication.

Walled Garden

A limited network environment that controls access to web content and services. In WiFi deployments, it refers to the specific IP addresses or domains a device can access before completing captive portal authentication.

IT teams must configure Walled Gardens correctly on their wireless LAN controllers to ensure the captive portal page, social login APIs, and Passpoint profile servers are accessible pre-authentication.

Real-Time Location Services (RTLS)

Technologies used to automatically identify and track the location of objects or people in real time, usually within a building or contained area, using WiFi signal triangulation, BLE beacons, or UWB.

A key differentiator for Cloud4Wi, requiring dense AP placement and specific network configurations to achieve high accuracy. Purple provides footfall and dwell time analytics but does not offer full RTLS.

First-Party Data

Information a company collects directly from its customers and owns outright, rather than purchasing from a third party or inferring from third-party cookies.

The primary ROI driver for marketing teams using platforms like Purple to capture emails, demographics, and behavioural data via the captive portal, particularly valuable in the post-third-party-cookie era.

MAC Randomisation

A privacy feature in modern operating systems (iOS 14+, Android 11+) that generates a random Media Access Control (MAC) address when connecting to WiFi networks, preventing long-term device tracking.

Forces IT teams to move away from MAC-based authentication and analytics toward identity-based solutions like Passpoint. Ignoring this renders loyalty analytics unreliable.

OpenRoaming

A WBA (Wireless Broadband Alliance) federation of WiFi networks that allows users to automatically connect securely across different venues without needing to register or log in repeatedly, using Passpoint as the underlying technology.

Purple acts as a free identity provider for OpenRoaming under its Connect licence, enabling seamless connectivity for users across participating venues globally.

PPSK (Private Pre-Shared Key)

A WiFi security mechanism that assigns a unique pre-shared key to each user or device, providing WPA2-level encryption without requiring a RADIUS server for every authentication event.

Supported by Cloud4Wi for device-level authentication in IoT and BYOD scenarios. Useful in environments where Passpoint is not feasible.

Estudos de Caso

A 500-location retail chain needs to deploy a compliant guest WiFi solution across all stores within 30 days to support a new loyalty app launch. They have existing Cisco Meraki infrastructure but a limited IT budget for the current quarter.

Deploy Purple's 'Connect' tier immediately. Because Purple is hardware-agnostic and integrates natively with Meraki via RADIUS, the deployment requires no new hardware procurement. The Free Connect tier provides the necessary branded captive portal and GDPR compliance framework at zero software cost. The IT team can complete the configuration centrally via Purple's cloud dashboard and push the configuration to all 500 sites without on-site visits. Once the loyalty app is launched and budget is secured in the next quarter, the organisation can upgrade to the 'Capture' tier via a simple license change to begin piping first-party data directly into their CRM.

Notas de Implementação: This scenario highlights Purple's disruptive pricing model. Cloud4Wi would require a lengthy enterprise sales cycle and significant upfront investment, making a 30-day deployment across 500 sites operationally challenging. Purple's self-service, free-tier approach allows IT to solve the immediate connectivity and compliance requirement while providing a seamless upgrade path for the marketing team's data needs. The key risk to mitigate is ensuring the Walled Garden configuration is correctly templated before mass deployment.

A large stadium with 60,000 capacity requires granular tracking of attendee movement to optimise concession stand staffing and manage crowd flow during halftime. They have a high-density Aruba network deployed and a significant capital budget.

In this specific scenario, Cloud4Wi's deep focus on Real-Time Location Services (RTLS) makes it the stronger candidate. The platform must be integrated with the Aruba analytics engine to process location data at the required granularity. The IT team must configure the network to support high-frequency location updates and ensure the captive portal clearly communicates the extent of location tracking to comply with privacy regulations. A phased rollout — starting with a single stand or section — is recommended to validate location accuracy before full deployment.

Notas de Implementação: While Purple provides excellent footfall and dwell time metrics, Cloud4Wi's architecture is heavily optimised for complex RTLS use cases requiring sub-metre accuracy. The stadium must weigh the significant cost of the Cloud4Wi enterprise license against the operational savings generated by optimised staffing and reduced queue times. The privacy communication on the captive portal is critical: attendees must be clearly informed that their location is being tracked, and this consent must be captured and stored in compliance with GDPR.

Análise de Cenários

Q1. A hospital IT director needs to implement a guest WiFi portal that strictly complies with GDPR and HIPAA, while also allowing the marketing team to collect optional feedback surveys. They want to avoid a lengthy procurement process. Which platform architecture best suits this requirement, and what specific configuration steps are required?

💡 Dica:Consider the procurement cycle, the availability of specific add-on features for feedback collection, and the compliance requirements for healthcare environments.

Mostrar Abordagem Recomendada

Purple is the recommended choice. The hospital can immediately deploy the 'Connect' tier to establish a GDPR-compliant captive portal without a lengthy enterprise procurement cycle. They can then add Purple's 'Surveys' add-on to collect the required feedback. The IT team must configure the consent management carefully to separate WiFi access consent from marketing communications consent, ensuring HIPAA-relevant data is not captured through the portal. Network segmentation must isolate guest WiFi from clinical systems.

Q2. Your network engineering team reports high drop-off rates on the captive portal splash page before users authenticate. The portal is deployed on a Fortinet FortiGate controller integrated with Cloud4Wi. What is the most likely architectural cause, and what is the remediation process?

💡 Dica:Think about what network configurations are required for a device to load external resources before authentication is complete, and which specific Fortinet configuration may be involved.

Mostrar Abordagem Recomendada

The most likely cause is an incomplete Walled Garden configuration on the FortiGate. If the portal relies on external resources — such as Cloud4Wi's CDN for CSS and JavaScript, or social login APIs — that are not allowlisted, the page will fail to render correctly. The remediation process is to review Cloud4Wi's Fortinet integration documentation, extract the full list of required domains and IP ranges, and add them to the FortiGate's exempt list for pre-authentication traffic. After updating, clear the browser cache on a test device and re-test the portal flow.

Q3. The marketing team at a shopping mall wants to track returning visitors to measure loyalty, but the IT team notes that MAC randomisation on iOS 14+ and Android 11+ makes this data unreliable. The current deployment uses Purple's Capture tier. What technology should be implemented, and what does the user journey look like after implementation?

💡 Dica:What standard replaces MAC address tracking with secure, certificate-based authentication, and which Purple pricing tier enables it?

Mostrar Abordagem Recomendada

The venue should upgrade to Purple's 'Engage' tier to unlock Passpoint and profile authentication. By prompting users to download a Passpoint profile during their initial captive portal interaction, subsequent visits will automatically authenticate using WPA2/WPA3-Enterprise encryption and certificate identity, entirely bypassing the MAC randomisation issue. The user journey becomes: first visit — portal interaction and Passpoint profile download; all subsequent visits — automatic, secure connection with no portal interaction. This provides accurate, persistent identity for loyalty analytics.