This is quite a nice feature from Mist that allow the secure on-boarding and segmentation of users and wireless devices, especially Internet-of-Things devices that do not have 802.1x support. Usually you would have to separate users through the use of separate SSID’s with each SSID having its own personal passphrase and in some cases place them on separate VLANs and subnets and add to that the ACLs required for each SSID.
Mist now have “patent-pending” personal WLAN technology, which means users and devices will use a common SSID but different personalised pre-shared keys (PSK) across all access points. Thus, if a group of devices share the same PSK they share the same resources and if you don’t belong to that controlled group you won’t be able to access these devices or services. Users can create their own private keys that can then be applied to the devices of their choosing and shared within a controlled group.
This will stop the need for smaller wireless deployments to invest in expensive segmentation such as radius servers to provide authentication, authorisation and accounting (AAA). It also limit the number of SSIDs, which will help to keep the wireless spectrum utilisation efficient and clean.
As per Mist this will be perfect for environments where users need private access to shared devices, such as hotels, retail stores, malls, public venues and school dormitory rooms.
WLAN Lessons Learned 