Deploying Cloud NAC successfully depends on ensuring your current network infrastructure and Identity Provider (IdP) platform meet the necessary technical requirements. Because Cloud NAC uses two distinct onboarding methods—the Captive Portal and the BYOD Portal—hardware compatibility will vary depending on the experience you choose to deliver.
1. Network Infrastructure (Hardware) Compatibility
Cloud NAC leverages different underlying technologies to onboard and connect trusted users. Review the criteria below to verify if your existing access points and wireless controllers are compatible.
Captive Portal Onboarding
The Captive Portal method relies on traditional web-redirection mechanisms—the same standard architecture traditionally deployed for guest Wi-Fi solutions.
Compatibility: If your hardware is already certified by Cloud4Wi for guest Wi-Fi, it is fully compatible with Cloud NAC Captive Portal onboarding.
Reference: You can find the complete list of supported hardware and setup steps in our [suspicious link removed] (Insert actual link here).
BYOD Portal Onboarding (Passpoint)
The BYOD Portal aims to onboard user devices automatically by deploying secure Passpoint (Hotspot 2.0) profiles.
Compatibility: This method requires your wireless network infrastructure to explicitly support Passpoint technologies (specifically 802.11u and ANQP protocols). You must check your specific hardware firmware capabilities to ensure Passpoint support is available and enabled.
Hardware Compatibility Matrix
Use the matrix below to verify or map out compliance across your deployed hardware vendors:
| Vendor | Model / Line | Captive Portal Support | Passpoint Support |
|---|---|---|---|
| HP Aruba Networks | Mobility Controller | ✅ Supported | Yes |
| Aruba Central | ✅ Supported | Yes | |
| Cambium Networks | cnPilot | ✅ Supported | Yes |
| Cisco Systems | Catalyst 9800 | ✅ Supported | Yes |
| Meraki MR series | ✅ Supported | Yes | |
| Meraki MX and Z1 | ✅ Supported | ❌ No | |
| WLC | ✅ Supported | Yes | |
| Ericsson Cradlepoint | All routers | ✅ Supported | Yes |
| Extreme Networks | HiveManager NG | ✅ Supported | Yes |
| Wireless IQ Controller | ✅ Supported | Yes | |
| EWC | ✅ Supported | — | |
| Fortinet | FortiGate | ✅ Supported | Yes |
| FortiGate as a firewall | ✅ Supported | ❌ No | |
| Huawei | AC Controller | ✅ Supported | ❌ No |
| Cloud Campus | ✅ Supported | ❌ No | |
| IgniteNet | Spark Series | ✅ Supported | — |
| Mikrotik | All | ✅ Supported | — |
| Nomadix | AG 5800 series | ✅ Supported | ❌ No |
| Omada TP-Link | On-Prem | ✅ Supported | Yes |
| Cloud controller | ✅ Supported | Yes | |
| Peplink | All | ✅ Supported | ❌ No |
| Ruckus Wireless (Commscope) | SmartZone and SCG | ✅ Supported | Yes (v6, v5.1) |
| Zone Director | ✅ Supported | — | |
| Standalone | ✅ Supported | — | |
| Ruckus One | ✅ Supported | — | |
| Teltonika | RUT850, RUT955 | ✅ Supported | — |
| Ubiquiti | Unifi SDN Controller | ✅ Limited | Yes (UAP-AC-M-PRO, UAP-AC-LITE, UAP-AC-PRO, UAP-AC-IW, UAP-AC-M) |
2. Identity Provider (IdP) Compatibility
Cloud NAC maps digital identities to your network security policies by integrating with your organization's centralized account registry.
Microsoft Entra ID (Fully Supported)
Cloud NAC offers deep, native integration for Microsoft Entra ID.
Capabilities: Full support for both user authentication and automated directory synchronization. Cloud NAC communicates directly with the Microsoft Graph API, meaning any change to a user's status or group membership in Entra ID instantly updates their network privileges.
SAML 2.0 Single Sign-On IdPs (Partial Support)
Cloud4Wi supports Single Sign-On (SSO) via the industry-standard SAML 2.0 protocol with a wide array of third-party identity providers (e.g., Okta, Google Workspace, Auth0, Ping Identity).
Capabilities: SAML allows your users to authenticate securely using their corporate credentials during onboarding.
Current Limitation: SAML alone handles only the authentication piece. Currently, standard SAML 2.0 integrations do not automatically synchronize user directories or track live status updates after onboarding.
🚀 Coming Soon: We are actively developing automated directory synchronization capabilities for all major SAML 2.0 providers via upcoming SCIM protocol updates. Stay tuned for future release announcements!