Wireless access is also on the rise in the business environment and is replacing wired connections in many areas. However, with the growth of networks and the spread of WLAN, the complexity increases and with it the challenge of maintaining an overview of the available network connections and the connected end devices. Both private and business end devices are connected to the network in an uncontrolled manner. Network security also works in the age of WLAN and mobile devices. Learn about solutions for secure access of mobile devices to the network and find out how a central intelligence in the network allows the automated enforcement of network access policies for wireless and wired.
The number of different types of end devices connecting to the company network is increasing. Guests bring their laptops, tablets and smartphones with them and want to use the company’s Internet access. Employees want wireless access to productive network resources on their laptops in the meeting room and want Internet access via WLAN for their private devices.
As a result of these developments, CIOs and network managers are constantly being confronted with new requirements in terms of network flexibility. The responsibility for maintaining information security, including regulations, policy, compliance and data protection, remains with IT and must be guaranteed at all times, even when using WLAN. It quickly becomes clear that WLAN and the associated opening of the company network to external devices brings with it a number of new challenges. These include, on the one hand, the broadening of attack vectors for internal company network resources and, on the other, new legal requirements such as the seamless verifiability of user identities.
Of course, there are various approaches to solving these challenges, which are often hotly debated. Many companies, especially those that are security-conscious, decide to separate LAN and WLAN into two completely separate networks. However, this approach has proven to be less efficient in practice. Setting up a separate WLAN network does not provide the desired level of security, nor does it meet the requirements for user-friendliness. In addition, setting up a separate WLAN is often not compatible with the desire to consolidate IT.
The modern company, which is open to WLAN and mobile devices, is looking for a solution that allows the secure expansion of the company network and supports the basic entrepreneurial ideas of efficiency and productivity.
This is why more and more companies are opting for an integrated network that can be used by both employees and guests via LAN or WLAN. Network Access Control has proven to be the basis for setting up an integrated network that meets the requirements for security, efficiency and user-friendliness in equal measure.
Solution: Centralized enforcement of network access policies
Network Access Control enables centralized control of network access in one place – for LAN and WLAN.
Network Access Control is the central intelligence in the network. All new devices connected to the network are automatically assigned to the appropriate network segment based on the stored network access policies. Authentication and authorization is fully automated for all user groups – regardless of whether they connect via LAN or WLAN.
5 criteria for an intelligent access decision to the network
Keeping complexity low
Ideally, only a single network infrastructure is available for all user requirements and devices. If network access policies can be maintained and managed centrally, the work involved in IT network administration is significantly reduced. Thanks to dynamic VLAN management, the various users with different devices can be routed directly to the appropriate network segment.
Save time thanks to automated access decision
The access decision to the network should be made automatically based on the centrally stored policies. This means that even guests can authenticate themselves for Internet use. There is no need to spend time distributing access codes or manually activating devices.
Keeping user-friendliness high
Logging on to the network should always be as simple as possible and independent of the connection type (LAN/WLAN). Ideally, a company should offer a captive portal where guests can also register independently to use the network. This makes the cumbersome distribution of WLAN keys by the IT administrator a thing of the past.
Removing obstacles to productivity
Employees should be able to connect their company laptop to the network quickly and easily anywhere in the company. This increases their productivity. The ability to connect private devices to the network increases motivation and enhances the company’s image as an attractive, modern employer.
Keep control
All devices currently or previously connected to the network and their users must be traceable. This is the only way to meet compliance requirements in terms of network security.