Is it possible to use Wireless authentication by Facebook and others social on AP ?

@FabioTerrone - We're working on requirement finalization for Social Login integration for Sophos Central based Wireless. This will enable us for other social login property (Google+, Twitter etc. - based on OATH 2.0). 

The timeline for this is late Q4'18 - Q1'19. 

Once the feature requirements are finalized we would like to touch base with you and see if I walk you through the use cases and flow. It would be great to get your feedback. 

Hi Shail,

Do you have some update about this feature, we are in a big project and this feature is required.

Best Regards.

Heleno Fagundes

Hi Heleno,

This is a part of our roadmap and can be expected by the mid of this year.

Regards,

Tejas

So you posponed this feature by another quarter.

No good.

Tejas Kashyap said:

Hi Heleno,

 

This is a part of our roadmap and can be expected by the mid of this year.

 

Regards,

Tejas

 

Can we please get a roadmap update?  We're nearly a full year beyond the original release estimate.

Hi Joshua,

The feature is under testing and should be available by the end of the year. I will update you on the exact dates. 

-Tejas

Hi Tejas, Sophos should know that this feature is mainly required by "tourism" vertical market.

Sophos should know that this market follows a seasonal path.

If this feature will be released in october, partners will have the time to test it and offer it to customers.

If it will be released in november, partners could offer it to customers hoping that it works as expected.

If it will be released in december, in most cases partners should offer a different product to customers that's upgrading their infrastructure before the winter season.

Hi Joshua,

The supporting firmware for the access points has already been staged in all regions. Users need to upgrade their access points to 2.2.0-19 image. The options to configure the same through UI should be available post the next Sophos Central release. The target date for this is December 7th. Post-December 7th, users should be able to configure social media authentication on Captive Portals. 

-Tejas

Hi, those are good news, but one of the (biggest) question of the first post is still unanswered:

"Will be possible to manage by XG firewall (Or will be manageble only by cloud)?"

Your post rose another couple of questions, that's related to the previous one:

Will it be supported with Sophos AP only, or on any network connected to XG?

If it's available on XG too, how should we weight this to correctly estimate the XG sizing in an hotel?

thank you

Hi Alessio,

The current support is for access points managed through Sophos Central only. There is no support for social login through XG.

-Tejas

Thank you.

There's something planned for XG?

It's on the backlog but, not in the short term roadmap.

-Tejas

Thank you for the update, Tejas.  I'll play with it this weekend.

If you can provide any links on setting this up from within Central, it would be appreciated.

Regards,

Joshua

Hi Joshua,

We are working on some how-to videos and other material which should be available early next week.

-Tejas

Hello,

Personally, keep it on the backburner.

Last thing I would be looking at is anything which combines facebook into my customers firewalls.

People want to set facebook with Sophos Central managed wifi, then fine. But not into the XG.

I don't know how the market is in Australia.

Here, if an hotel (in most cases family-run with 40 rooms or less) already has a WiFi system, you cannot simply say them: "Hey, you need to grab every AP and throw it in the trash bin, so I can sell you a (not cheap) WiFi system with social integration!"

So, you sell them an AP-independent social WiFi system coupled with an XG, and when a couple of years later you're ready to change the APs, they do already have something else that's working and they know how it works (and, today, that has more functionalities than Sophos).

It needs to work without central, and it needs to work without Sophos APs (and without WiFi at all)

Hello,

I can understand your request, and I can understand that in Backpacker style hostels it may be considered a requirement.

But my customers XG firewall, which has control of primary and backup internet connections, Office Server and Client network segregation, Corporate and guest Wifi will not be exposed to something as insecure and unreliable as Facebook for any form of authentication.

People can use it on their client devices, could even be a fully separate and secured set of devices hanging off a separate port on a firewall, but Facebook, Linkedin, Twitter, Snapchat will never be a part of the backend security model.

A definable way to open yourself up for endless nights of pain and work.

Not going to happen!