As many businesses start to realize the importance of delivering reliable, secure wireless access, they also quickly find out that it's a lot more complex than simply throwing up some access points and handing out your password.
As we know from the Wi-Fi engineering process, you're wireless network is never done, rather a constant work in progress.
However, managing your Wi-Fi network isn't easy to do, especially if you lack the experience and certifications required to know what you're doing.
Whether you're upgrading an existing wireless system that's outdated or you're deploying wireless for the first time, there are two important components that have to be factored into your new WLAN design to maintain performance and proper security:
- Network management system
- Network access control
In this blog, our goal is to help you understand what each component is and more importantly, why do you need them to deploy a reliable and secure wireless network.
What is a Network Management System?
Simply put, a network management system integrates with both your wireless and wired infrastructure, providing real-time visibility of your entire network.
With an NMS deployed you'll be able to proactively monitor things like:
- Access points
- Switches
- End-users and their devices
- Even what your end-users are doing while on the network, from streaming video to surfing the internet.
Why do you need this?
A common WiFi mistake a lot of businesses make is thinking that once your new wireless network has been deployed and live, it's done. Unfortunately this isn't the case.
Wireless systems are dynamic, constantly changing. From RF signals, to your physical environment (new buildings, remodeling), to the devices you have to support and the security threats you have to prevent, everything is alive.
In order to avoid wifi problems and maintain reliable wifi performance levels, you need to be able to see what's going on at all times.
A network management system or platform (as it's sometimes called) allows you or a managed service provider to do this by monitoring how your system and the end-users/devices it's required to support are actually performing.
In addition to monitoring your network an NMS solution can also help you decrease the time it takes to troubleshoot wifi problems as well as avoid them all together.
Some network management systems have features that allow you to simulate what your end-users are experiencing on your current wireless system. This can allow you to stay ahead of potential problems and even test new additions to your network before they go live.
Benefits for your wired infrastructure too
Switching plays a critical role in your ability to deliver reliable wifi access to your guests, customers and employees.
With the right network management system you'll be able to monitor things such as:
- Your switches up and down
- How many devices are connected to your switches
- Information about the type of device, IP addresses
- Troubleshooting- being able to see a specific AP is connected to X switch port
- Traffic information
Information you just won’t have access to without this type of application or integration.
A Network management is all about monitoring your network to manage and maintain wifi performance on your very much alive, wireless system.
What is Network Access Control?
Network access control or NAC, is exactly what it sounds like-it controls access to your network.
If you can’t see and control who is accessing your network, and what they are allowed to access, how can you keep your company and your end-users safe from possible malicious security threats?
Network access control breaks down into three parts:
- Identify
- Assign
- Enforce
Check out this quick 90 second video to learn more about why you need to consider NAC
Identify
- Who the end-use is and if they are already a validated user on your network
- What the end-user or device is trying to access
- Where they are trying to access your network
- When devices and end-users are trying to connect to the network. This can benefit bandwidth distribution.
- How the end-users are connecting i.e. what types of devices they are using (smart phones, tablets, laptops).
- NAC can also regulate IoT devices and systems gaining access (scanners, security cameras, POS systems, HVAC etc.)
With this type of information you will be able to properly identify who or what is accessing your network to then assign them a role.
Next, assigning roles and enforcing policies
Also called role-based access control, once you've identified who or what is trying to access your network, you can control where they're able to go and what they're allowed to do by assigning them a specific "role".
These roles can be whatever you would like them to be, for example:
- Teacher - Access to learning applications, and faculty specific internet resources
- Customer - Zero access to internal information. Basic necessities allowed such as general access to the internet, social networking platforms, and email.
No matter what type of device it is or who the user is, or even where they are, you can enforce pre-determined security policies associated with your roles.
NAC allows you to custom fit the wireless experience for each type of end-user and their specific needs, not only enhancing security but also the user experience.
NAC provides a variety of benefits such as:
- More efficient BYOD/IoT on-boarding
- Dynamic security threat remediation through a variety of third-party integrations
- Increased troubleshooting capabilities through real-time analytics
- Device health checks to mitigate vulnerabilities
Network access control is a significant component in the effort of providing the end-users and devices accessing your network with everything they need, nothing more and nothing less.
Next Steps
It's great to offer wireless access to your employees, guests and customers, however, it's not as simple as buying some routers and turning them on.
By making sure your wireless system incorporates both a network management system and a network access control solution, you'll be well on your way to actually delivering a safe and productive wireless experience that everyone can enjoy.