Datasheet
For Organizations
Multi-vendor Cloud PPSK
Supports cloud PPSK lifecycle management across multiple WiFi vendors
Delegation to local managers
Each Network can be assigned with a dedicated Admin with permission to manage Accounts
Network Admins can manage one or multiple Networks
Network can be geographically distribute and independent buildings or different area od the same Campus
Multi Admins and Roles
Each Org can have multiple Admins with multiple roles
Org Admin with Owner role can create other Admins
Org Admin with Owner role can transfer Ownership to another Admin
End-user identity management integrations
Integrations with multiple system of records where to verify identities of end-users to enable self-onboarding
SAML (Google, MS Entra, Okta, Auth0)
Shibboleth
Coworking management system integrations Optix, Office RnD, Nexudus, Adncards
Entrata (coming soon)
Custom HTTP RESt APIs to easily integrate and external system of records (even an google sheet or a custom DB)
Network Policies orchestration
Allows to define and orchestrate Network Policies on the network for supported vendors
Initialize and mange Group Policies on Meraki and keep them in sync across all Networks deployed in he project
Allows to automatically manage Personal area networks for Accounts
Automatic PAN orchestration via VLANs or L3 segments (such as Meraki WPN or Extreme PCGs)
Automatic orchestration provide multipel options:
assign unique PAN to each Account
assign PAN based on assigned Unit
assign PAN based on Account Group
Option to free-up VLANs upon service termination for re-use by other Accounts
Self-service portal for users to manage their service
Admins can define the content, logo, color, theme of the Portal and granularly enable/disable each capability
See personal passphrase and network PPSK name
Scan QR code for quick connection to the WiFi network
Re-generate the passphrase (if enabled by Admins in the dashboard)
See and edit personal profile and service details
Delete their own account (compliance)
Enable/disable dedicated passphrase for Guests (if enabled by Admins in the dashboard)
Enroll personal devices into Passpoint (if enabled by Admins in the dashboard)
Manually manage legacy devices by adding, removing editing individual MAC addresses
Audit the list of devices used to connect
Tenants can create a dedicated, temporary passphrase for guests
Can be enabled/disabled by Admins
Tenants can generate in one click a dedicated passphrase for guests that gets disabled automatically at the end of the day
Manual definition of passphrase policies
Length of the passphrase
list o characters used to generate the passphrase
By default, Cusna avoids characters that can be easily confused
Onboarding Portals
Customizable web portals for end-users self-onboarding
Unique short URL and QR code for each Network
Universal URL where users can pick their network
Taxonomy, content, logo and theme customization at global scope and for each network
Advanced custom CSS style override
Simplified publishing of portals on SSIDs as captive portals for some vendors such as Meraki
Allows tenants to get onboarding and access their service portal without passwords
Existing Accounts can simply enter with their email address and click a magic link sent to their email to access the portal
Both in case of IdP integration and or email whitelist definition, also new users can follow the same process with magic link and they are prompted to a registration form on their first access
Possibility to define a list of domains to allow users to self-onboard if they have an email address with such domains (require email verification with magic link)
Self-registration process
Tenants are prompted to a registration step on their first access
Compliance acceptance on first access
Customizable list of profile attributes (first, last name, email, phone, etc..) to be collected
Option to enable phone verification via OTP sent via SMS (require setup of Twilio Verify integration)
Option to let tenants select their Unit (only free Units listed)
Forced paid plan enrollment during first access if enabled by Admins
Option to let tenants onboard their devices with Passpoint
Admins can decide to enable Passpoint onboarding or not (requires a dedicated SSID)
Devices connecting via Passpoint will be assigned to the Account PAN in the future but right now are on a generic guest network
Ability to visualize and manage individual accounts
Account summary view with search, filtering and status insights and bulk export in Excel
Account profile page, with possibility to edit passphrase, VLAN, Unit and personal data
Print WiFi service card with PPSK and QR code
Account activity history logs
Account service suspension
Accounts delete
Bulk import of accounts from XLS
Accounts service lifecycle management
Service activation and termination can be manage manually or automatic
Schedule activation in a future date
Schedule automatic termination on a future date
Activation and termination date can be inherited form eterna IdP/PMS in case of self-onboarding
Option to force an automatic expiration after a configurable number of days
Option to notify accounts in advance, a configurable number of days before the scheduled service termination
Account welcome and confirmed activation emails, branded with colors and logo of the Organization
Multiple Accounts types
Ability to differentiate between Tenants (people), and Things
Tenants: represent individuals, passphrase is automatically generated and Accounts have personal metadata (emails, name, etc..)
Spaces: dedicated for common spaces such as meeting rooms. Passphrase do not expire and can be set manually.
Auto-rotation: option to automatically rotate Space passphrase daily
IoT Groups: dedicated to devices, usually fixed device sin the venues, that need to be connected with individual or group-based passphrase that can be automatically generated or specified manually
Visitors: temporary accounts that gets automatically disabled at the end of the day
Allows Visitors to get onboarded with a temporary account
Allow visitors to register on the Onboarding portal filling a form
By default Visitors are terminated at the end of the same day
Visitors can optionall request a service extention until a certain date, by specifying a reason and desired date
Admins are notified via email and can approve or reject the extentions requests in the dashboard
Ability to organize Accounts in Groups for simplified provisioning of shared configurations and policies
Network-specific or Org-level Groups
Default Group VLAN shared across all Accounts (optional)
Option to make Group members shared the same passphrase
Group-level Network Policy assigned to all Group members
Group-level service activation date to enable all group member in bulk in the future
Group-level termination date to terminate the service of all group members in the future
Group-mapping option allows to map Groups inherited by the third party connected IdP (e.g. Ms Entra) with Cusna Group
Option to block access only to the users mapped in one of the defined groups
Ability to manage the inventory of units/room in a building and assign network devices
Manual or automatic pre-assignment of Unit-level VLANs to simplify configuration of switches
Assign Access Points to a unit to automatically configure cable ports to be in the same PAN ans the wireless devices (for supported vendors)
Granular assignment of individual Access Point ports to different Accounts in the same Unit (for supported vendors)
Unit-specific onboarding portal URL that allows deploying QR codes in Unit for simplified onboarding
Unit selection can be enabled in the user registration form during initial onboarding
Observability and accountability
Ability to track the clients used by each account over time
Tracking of all clients used by each Account to connect to the WiFi network (supported vendors only)
Ability to manually block/allow specific Clients (supported vendors only)
List is visible to both Admins in the dashboard and Tenants in the WiFi Portal
Onboarding and authentication of legacy devices via MAB
Tenants can manually add/remove and mange personal legacy devices in the WIFI portal by specifying their MAC address
Devices are authorized via MAC authentication and force in the same PAN as the client connected via PSK
Can be use for both wired and wireless clients (required a dedicated SSID with MAB configured)
Ability to integrate the existing company support system in the WiFi Portal
WiFi Portal can show a widget or links to the existing support channels
Drift, FreshWorks (and anything on demand)
Allows to collect service fees directly form tenants
Simplify company billing system setup via Stripe Connect
Ability to create multiple service Plans with different network policies (bandwidth)
Manual assignment of Plans to Accounts to force Accounts to select among available plans during onboarding
Tenants can change plan, change payment details, consult payment history and see upcoming bills in their WiFi portal
Admins can see billing details for each Account in the dashboard
Compliance
Set of capability for security and compliance
Orgs must configure their own Privacy Policy and (optionally) terms of service that are presented to end user during onboarding
Customizable Retention policy allows to automatically delete PII based on customizable timing
Admin can enable 2-factor authentication to access the dashboard
Complex password policies are enforced by default
Monitoring and assurance
Set of capability to help monitor and troubleshoot the service
Admins can subscribe to receive email notifications about all anomaly events
Anomaly dashboard shows all issue and anomalies
Network status widget (for supported vendors) reports the status of the APs used int eh deployed networks and provide a list of all APs with related status and notes
Account administration
Enterprise grade account management
Custom email sender for all service-related email communication
Activity logs allows to audit the history of all operations occurred, from Account service lifecycle to setting changes
Simplified Password changes in the dashboard for admins
Option to force password reset option for Admins
Ability to reset the workspaces to start fresh with new vendor integration
Ability do terminate and delete account
Intuitive dashboard with summary fo the service status, report of main KPIs
Widget reporting daily active clients connected on the deployed networks
Monitoring of current Monthly Active Accounts (MAA)
APIs
Offer the ability to integrate with external provisioning systems
Accounts management APIs (create, edit, delete, activate, suspend)
For Managed Service Providers
MSPs have a dedicated dashboard where they can provision and manage their customers
List of managed Organizations with summary of most important information
Click to login in each Organization account with MSP-level permissions
Granular control on enabled features and capabilities on each Organization
Ability to permanently delete Organizations
MSPs pay for what they consume across all Organizations based on Monthly Active Accounts
Ability to set the Maximum MAA on each Organization to control costs
License dashboard with license control
Current month MAA and Overages
Current and history of MAA Subscription
Report of MAA per each managed Organization per each Month of the last 12 months
Ability to order MAA Allowance subscriptions to reduce Overage MAAs and save on costs
Service assurance
MSP can easily monitor issues and anomalies occurring across all their managed organizations
Dashboard with the list of active anomalies across all Organizations, with multiple filters
Option to receive Anomalies notifications in real time via email for all Admins
MSPs can have multiple Admins with different roles
MSP Admin with Owner role can:
create and edit other Admins
assign generic permissions or add the permissions to buy MAA Subscriptions and to activate new Organizations
transfer ownership to another Admin
MSPs can configure generic options that are imposed on all managed organizations
Ability to filter the list of WiFi vendors that are available to managed organizations
Custom support URL that overrides the default one in all Organization's dashboard
Default privacy policy and terms of use that are configured as default one for all managed orgs
Logo and access colors that are initialized as default ones for all new Organizations
Last updated