Guidance

GovWifi

Published 13 December 2016

Government organisations often have several different wifi networks in the same building. The GovWifi service is managed by Government Digital Service (GDS). Government organisations can run the service on their existing infrastructure. It has been designed to replace user and guest wifi solutions with a single secure wifi network.

GovWifi allows staff and visitors in government organisations to connect and stay connected to a secure wifi service whilst they move from building to building.

1. How GovWifi works

GovWifi is an authentication service running in the cloud that makes all the various participating wifi networks appear as one. Participating organisations configure their wifi infrastructure to access the GovWifi authentication service using the RADIUS open standard.

Each end user is protected with unique credentials and encryption keys when they log in to the wifi and access the internet. These credentials are randomly generated so can’t be used to get into other systems if stolen.

Once logged in, users can access their organisation’s resources in the same way they would if they were working away from the office. Depending on an organisation’s requirements, users may need to use a virtual private network. Users’ devices are isolated from each other to stop the horizontal spread of malware and protect secure devices from less secure ones.

The network also identifies itself in a way that can’t be spoofed, adding to the safety measures that provide protection from potential attackers.

2. Status

GovWifi is currently in private beta, which means we’re still making improvements. The service is available only in government organisations taking part in the private beta.

3. When can my organisation use GovWifi?

Government organisations can take part in the private beta. Technical teams can request to take part by emailing govwifi-support@digital.cabinet-office.gov.uk.

4. What does it cost to use GovWifi?

The GovWifi service is managed centrally by GDS, which covers the running costs for the platform.

5. Security

Your wifi installation must meet the requirements defined in sharing workplace wireless networks. You must configure:

  • user devices to automatically check that the correct certificate is presented by the network so users don’t connect to fake networks
  • WPA2-Enterprise (AES) encryption to ensure privacy
  • client isolation on your wireless network to protect users from each other
  • anonymous identity to encrypt usernames

6. Availability and support

GovWifi is a high availability service with automatic scaling, failover and load balancing.

For email and text messages GovWifi uses GOV.UK Notify.

GovWifi is supported from 8:30am to 10pm, 7 days a week. There is a ticketing system for service teams to ask questions or raise issues. GDS provides support to technical teams:

  • once they have completed all diagnostic tests
  • if they find a problem with the central authentication service

GDS does not provide direct support to end users. Technical teams in organisations must support their end users.

7. Getting started

We want to make it easy for government organisations to use GovWifi. Follow these instructions to:

End users should follow these instructions to connect to GovWifi.

8. Going live

Advertise the service in your buildings to tell users how to sign up to GovWifi. GDS will send you a poster when you register your site.

9. Find out more

If you manage IT services in a government organisation and have any questions about GovWifi, email govwifi-support@digital.cabinet-office.gov.uk.

We regularly blog about our work and you can find the latest updates on the government technology blog.