@Matthew and Nick: Yeah, since we are currently in the process of testing out all the different protocols (PEAP, EAP-TTLS, etc.) it seems like EAP-TLS is the winner. We just need to set up the certificates for our devices in the Windows AD. Nonetheless: Thank you for clarifying and your help!