Network types supported by RUCKUS One range from networks that are typically deployed in enterprise or office environments in addition to networks that are typically deployed in public places (such as coffee shops, libraries, airports, hotels, and so on) where there is a high, but temporary, number of network users. RUCKUS One supports the following authentication methods:

• Pre-Shared Key (PSK): Require users to enter the passphrase that you define for the network to connect.
• Dynamic Pre-Shared Key (DPSK): A unique passphrase is dynamically created for each user to use when connecting.
• Enterprise AAA: Uses 802.1X standard and WPA2 security protocols to authenticate users using an authentication server in the network.
• Hotspot 2.0 Access: Enable users to automatically and securely connect to Wi-Fi networks while roaming by supporting multiple roaming partners over a single SSID.
• Captive Portal: Use a third party captive portal and authentication service to authenticate users. The following are the captive portal methods that allow users to gain access through the captive portal:
  • Click-Through: Allows users to accept Terms and Conditions to access the network.
  • Self Sign In: Allows users to access the network temporarily using their social media account or register their details and get a personal password.
  • Cloudpath Captive Portal: Allows users to connect through an enhanced captive portal with Cloudpath.
  • Host Approval: Allows users to register their details on the portal including their host email. A host must approve the guest request to provide the temporary network credentials to the guest.
  • Guest Pass: Allows users to access the network temporarily using a personal password that they receive from the network administrator.
  • 3rd Party Captive Portal (WISPr): Allows users to access the network through a third‑party captive portal authenticated by a RADIUS server.
  • Active Directory/LDAP Server: Allows users to join by entering an organization‑based username and password, authenticated by an associated Active Directory (AD) server or Lightweight Directory Access Protocol (LDAP) server.
  • SAML Identity Provider (IdP): Allows users to authenticate through the organization's SAML Identity Provider (IdP).
  • Workflow: Allows users to connect through an enhanced captive portal experience with Workflow.
• Open Network (not recommended): Allow users to access the network without any authentication.

Security protocols are standards used in networks to enforce encryption and authentication to prevent unauthorized access and data manipulation. The following security protocols are available:

• Wired Equivalent Privacy (WEP): WEP is the first wireless security protocol used to encrypt data on Wi‑Fi networks; however, it has known vulnerabilities and weak encryption, making it obsolete. It uses 64‑bit and 128‑bit fixed‑key encryption. WEP was retired in 2004 by the Wi‑Fi Alliance. It remains available in RUCKUS One to support legacy Wi‑Fi networks that contain very old devices that are costly or difficult to replace.
  Attention: Do not use this method to transmit sensitive information.
  Note: Due to security concerns, WEP is no longer supported for new configurations. Existing networks that use WEP are not affected.
• Wi-Fi Protected Access (WPA): WPA is the updated version of WEP and resolves several vulnerabilities. It introduced the Temporal Key Integrity Protocol (TKIP) for encryption and improved authentication methods. It generates a new key for each data packet, providing better protection against unauthorized access. WPA supports legacy devices manufactured after 2006.
• Wi-Fi Protected Access 2 (WPA2): WPA2 is the upgraded version of WPA. It uses Advanced Encryption Standard (AES) for data encryption and authentication. It supports 802.1X and Pre‑Shared Key (PSK) modes.
• Wi-Fi Protected Access 3 (WPA3): WPA3 is the updated version of WPA2 and a most recent wireless security standard. It supports 6 GHz radios. It introduces the Simultaneous Authentication of Equals (SAE) protocol, which is resistant to password‑related attacks, and Opportunistic Wireless Encryption (OWE), which provides encryption for public Wi‑Fi. It also includes Management Frame Protection (802.11w), which encrypts management frames between the device and the AP. After 2020, WPA3 can be used with Wi‑Fi certified devices. Backward compatibility is not guaranteed.
  Note: If you configure PSK network settings with the WPA3 security protocol, the SAE protocol replaces the PSK passphrase with an SAE passphrase.
• WPA2/WPA3 Mixed Mode: This configuration allows APs to support both WPA2 and WPA3 at the same time. It is also known as WPA3 transition mode. This mode enables a gradual transition to WPA3 while continuing to support devices that depend on WPA2. If you choose this option, you must configure both WPA2 and WPA3 SAE passphrases separately.