solution brief ID Manager Leverage the Cloud to Simplify and Automate Enterprise Guest Management

Similar documents
Aerohive Private PSK. solution brief

Aerohive Client Management

HiveManager Client Management

Wi-Fi Security. More Control, Less Complexity. Private Pre-Shared Key

Smart Mobility Platform for Retailers

Aerohive and JAMF Software

Frequently Asked Questions Aerohive ID Manager

The Benefits of Cloud Networking Enable cloud networking to lower IT costs & boost IT productivity

Rethink Your Branch Network Strategy

Aerohive and Palo Alto Networks. Partner Solution Brief

Seven Guidelines to Support Standardized Testing

How To Make A Network Reliable

Trends in Wireless Networking for Healthcare Organizations

White Paper. Retail Made Personal. Make the shopping experience personal, relevant, and profitable

Solution Brief. Aerohive and OpenDNS. Advanced Network Security for Retail Stores

Cloud Services Platform. Security and Availability Controls Overview

Radio Resource Management in HiveOS. solution brief

The Benefits of Cloud Networking

How To Build A Network From Scratch

Connected Store & Restaurant in a Box

Xirrus EasyPass Access Services

Secure WiFi Access in Schools and Educational Institutions. WPA2 / 802.1X and Captive Portal based Access Security

Building Secure Wireless LAN. white paper

ADDING STRONGER AUTHENTICATION for VPN Access Control

Secure network guest access with the Avaya Identity Engines portfolio

WHITEPAPER. SECUREAUTH 2-FACTOR AS A SERVICE 2FaaS

Optimizing Network and Client Performance Through Dynamic Airtime Scheduling. white paper

Enrollment System GETTING TO THE BOTTOM OF BYOD... AND COMING OUT ON TOP

BR100 Router Branch Router with built-in n

STRONGER AUTHENTICATION for CA SiteMinder

NXC5500/2500. Application Note. Captive Portal with QR Code. Version 4.20 Edition 2, 02/2015. Copyright 2015 ZyXEL Communications Corporation

Cisco Mobile Collaboration Management Service

Robust security is a requirement for many companies deploying a wireless network. However, creating a secure wireless network has often been

Tech Brief. Enterprise Secure and Scalable Enforcement of Microsoft s Network Access Protection in Mobile Networks

Deploying the ShoreTel IP Telephony Solution with a Meru Networks Wireless LAN

WiNG5 CAPTIVE PORTAL DESIGN GUIDE

Avaya Identity Engines Portfolio

When is Cloud-managed WLAN a Good Fit?

BYOD: BRING YOUR OWN DEVICE.

Proposal Document TitleDocument Version 1.0 TitleDocument

Addressing BYOD Challenges with ForeScout and Motorola Solutions

TECHNICAL WHITEPAPER. Author: Tom Kistner, Chief Software Architect. Table of Contents

Two-Factor Authentication

Securing Wireless LANs with LDAP

data sheet Ruckus Smart Access Management Service MOVING SMART WI-FI INTO THE CLOUD FEATURES AND BENEFITS

Aerohive Online Exam Instructions Aerohive Certified Wireless Administrator (ACWA)

data sheet Ruckus Smart Access Management Service moving smart wi-fi into the cloud

Reasons Enterprises. Prefer Juniper Wireless

Meraki: Introduction to Cloud Networking

Executive Summary P 1. ActivIdentity

Benefits of an ITIL Help Desk in the Cloud

Cloud Management. Overview. Cloud Managed Networks

EasyConnect. Any application - Any device - Anywhere. Faster, Simpler & Safer Networks

(A) User Convenience. Password Express Benefits. Increase user convenience and productivity

SA Series SSL VPN Virtual Appliances

Activity sectors of UCOPIA.

Entrust IdentityGuard Comprehensive

Healthcare Reference Architecture to Support Mobile Access for Point-of-care and Other Critical Applications

Symantec Mobile Management for Configuration Manager 7.2

An Enterprise Approach to Mobile File Access and Sharing

Integration of Visitor Management with Access Control Systems

ForeScout MDM Enterprise

1 1. EXECUTIVE SUMMARY...

White Paper. Anywhere, Any Device File Access with IT in Control. Enterprise File Serving 2.0

Kaseya IT Automation Framework

Simple security is better security Or: How complexity became the biggest security threat

The governance IT needs Easy user adoption Trusted Managed File Transfer solutions

Eliminating the cost and complexity of hardware controllers with cloud-based centralized management

Cisco s BYOD / Mobility

An Overview of Samsung KNOX Active Directory and Group Policy Features

Symantec Mobile Management 7.2

Symantec VIP Integration with ISE

Endpoint Virtualization for Healthcare Providers

Models HP IMC Smart Connect Edition Virtual Appliance Software E-LTU

5 Things You Didn t Know About Cloud Backup

Strong Authentication for Secure VPN Access

What Is Cisco Mobile Workspace Solution?

How to Configure Guest Management on the DWC-1000

RSA SecurID Two-factor Authentication

Business Case for Voltage Secur Mobile Edition

THE SECURITY OF HOSTED EXCHANGE FOR SMBs

The ForeScout Difference

Cloudessa AAA and Captive Portal Cloud Service

Transcription:

solution brief ID Manager Leverage the Cloud to Simplify and Automate Enterprise Guest Management

Several trends have recently emerged to ignite the requirement for enterprise guest management. One is BYOD, which makes guests virtually certain to have an internet-enabled device that they will want to use while visiting the enterprise. As WiFi becomes the dominant access method of choice, guests have increasingly come to expect wireless access anywhere and from any device. It is becoming more important than ever to provide differentiated access to individual guests, since their profiles can range from unknown onetime visitor to long-standing contractor to board member. When on the network, guests may exchange sensitive company information and even passwords, making an open guest network a significant risk. In the past, provisioning secure, identity-based enterprise guest management has required the attention of an already overstretched IT staff and front desk personnel to administer credentials. Today s enterprises need a solution that is simple to administer and even simpler to deploy. In addition, guest management should not require additional dedicated infrastructure, available only to a few individuals with complete training and only in a few locations (typically those with a local guest management server device). The solution should be simple enough for anyone in the enterprise to use, including lobby ambassadors, receptionists and employees. Secure guest accounts must also be easy to take down, to ensure that connections don t remain open longer than necessary. Finally, in today s increasingly mobile and BYOD world, the solution needs to be capable of being deployed anywhere and at any time, to securely support enterprise guests. Aerohive has revolutionized network access by leveraging the cloud to provide simple, secure, and scalable connectivity and management. Our unique, cloud-based HiveManager Online network management system enables enterprises to bring up WLANs and branch office networks with unprecedented ease, while eliminating the cost and complexity of additional centralized datacenter infrastructure. Because the Aerohive system is truly distributed with only centralized network management, a WAN outage has no effect on network services. Now Aerohive brings this same model to enterprise guest management with ID Manager. Aerohive s ID Manager is the first system to leverage the cloud to simplify and automate the deployment and maintenance of enterprise guest management. ID Manager combines industry-leading authentication integration with the deployment-tested Aerohive Cloud Services platform to eliminate the need for any additional hardware or software. ID Manager delivers a scalable, easy-touse enterprise guest management solution that streamlines the on-boarding of visitors of all types. Whether required at a single site or over a globally 2 Copyright 2012, Aerohive Networks, Inc.

distributed, multi-lingual network, ID Manager s cloud-enabled flexibility provides a complete solution for every site. No hardware, no software, no hassles. How It Works One of the most difficult concepts in provisioning a fully functional guest management system is the fact that all guests are not the same. Some visitors only need internet access, while long term contractors or VIP guests, such as board members, may need extensive access to corporate applications or resources. A simple one size fits all guest network does not provide the granularity that is needed to deliver this differentiated access. The missing element is authentication integration, which is usually a costly and complex procedure requiring significant expertise in working with AAA infrastructure and often leads to additional hardware, software, and licensing expenses beyond the existing network infrastructure. All Aerohive devices run HiveOS, Aerohive s network operating system, and already provide industry-leading authentication services and integration with existing directory services. ID Manager leverages this capability, already built in to our existing devices, and uses Radsec to create an authentication-specific private connection between the Aerohive devices and the Aerohive Cloud Services Platform. This allows you to globally set security policies for any guest, and allows employees to instantly authorize enterprise visitors, which are then policed by corporate use policy, anywhere in the world. Multiple secure guest profiles can be established and automatically applied to the visitor from casual guests to fully secure temporary employees ensuring that every guest has precisely the access you intend without requiring intervention from IT or helpdesk staff. By leveraging the cloud, ID Manager can be deployed to any office, anywhere in the world - instantly. There is no additional hardware or software to buy; the cloud vastly simplifies the deployment and maintenance of guest management for anything from a single site to a global roll-out. ID Manager handles secure, profile-based access for thousands of concurrent users and integrates with existing RADIUS systems to streamline deployments and meet compliance mandates. Guest access profiles are fully configurable, allowing IT to determine not only what resources the guest can access, but when and for how long. All communications can also be protected by Aerohive s innovative Private Pre- Shared Key, or PPSK. Traditional PSKs, where all users get the same network password, are simply not secure enough for use outside the home. Aerohive s Private PSKs are unique pre-shared keys that are created for individual users on the same SSID. They allow users to be individually identified and authenticated, similar to the experience with 802.1X or RADIUS authentication, but without the overhead to IT. PPSK ensures that each device has its own secret password with Copyright 2012, Aerohive Networks, Inc. 3

Use Cases configurable expiration time. Of course, traditional username/password authentication is also supported for use with 802.1X (WPA2-Enterprise) or Captive Web Portals. Let s take a look at four common use cases that an enterprise guest management system would deal with every day. They include: Lobby Ambassador Creates Guest Account Guest Self-Registration Employee Sponsorship for Guest Account Bulk Guest Account Creation Lobby Ambassador Creates Guest Account In this common use case, a lobby ambassador, receptionist, or guard is responsible for signing in the guest, as well as for provisioning their network access. Although most guests would not think about a need for security while onsite, they may well be accessing sensitive or password-protected information. Each user needs to have a secure connection, even if all they are doing is surfing the internet. Unfortunately, the combination of different devices and different user types can be baffling for a front desk person, while handling every visitor and devices type is overwhelming for IT. ID Manager makes it simple. The person at the front desk simply creates an account, and credentials are printed, e-mailed, or sent via SMS to the guest, making it even faster and easier for them to get the access that they need. Guest Self-Registration ID Manager also allows for a self-service portal to be created and served via a simple web browser, in the case where there is no lobby staff. In this case, guests simply login to the web portal, enter their name, and specify how they would like to have their credentials immediately forwarded to them. Methods include SMS, email, directly on the screen, or Twitter direct message. To enable selfregistration, IT administrators just provision web-enabled computers or tablets in the lobby and set the guest policy through their HiveManager interface. Admins can specify encryption, time until expiration, and device profiles for registrations. The Aerohive Cloud Services platform allows ID Manager to automatically be translated into the local language. More than a dozen languages are in the works with more being added every month. 4 Copyright 2012, Aerohive Networks, Inc.

Summary Employee Sponsorship for Guest Account In some instances, employees may want to sign up a guest that they know is coming into the office. ID Manager makes it easy and doesn t require the help of IT staff or helpdesk personnel. An intuitive web-based interface allows an employee to sponsor a guest or group of guests from any internet-connected device. This feature allows any authorized employee to provision their visitors with secure access while enforcing corporate use policy and providing IT with an audit trail that shows which employee authorized which visitor. Bulk Guest Account Creation Still another feature of ID Manager is bulk guest account creation. This feature, which can also be used by employee sponsors, allows the simultaneous creation of many guest accounts. ID Manager can use SMS to send credentials to a valid phone number, adding a layer of verification to the user s identity. Credentials can also be sent by e-mail or shown on a web page. Once enabled, the network will automatically administer the appropriate access to resources based on the security policy assigned. Enterprise guest access is becoming something that visitors expect wherever they are, from any device. By leveraging the cloud, Aerohive s ID Manager makes it easy and cost effective to give your guests access to exactly what they need. ID Manager provides enterprise guest management that ensures the connections are safe and secure, both for the visitors and for the guests themselves. Copyright 2012, Aerohive Networks, Inc. 5

About Aerohive Aerohive Networks reduces the cost and complexity of today s networks with cloud-enabled, distributed Wi-Fi and routing solutions for enterprises and medium sized companies including branch offices and teleworkers. Aerohive s award-winning cooperative control Wi-Fi architecture, public or private cloudenabled network management, routing and VPN solutions eliminate costly controllers and single points of failure. This gives its customers mission critical reliability with granular security and policy enforcement and the ability to start small and expand without limitations. Aerohive was founded in 2006 and is headquartered in Sunnyvale, Calif. The company s investors include Kleiner Perkins Caufield & Byers, Lightspeed Venture Partners, Northern Light Venture Capital and New Enterprise Associates, Inc. (NEA). Corporate Headquarters EMEA Headquarters Aerohive Networks, Inc. Aerohive Networks Europe LTD 330 Gibraltar Drive Sequel House Sunnyvale, California 94089 USA The Hart Phone: 408.510.6100 Surrey, UK GU9 7HW Toll Free: 1.866.918.9918 +44 (0)1252 736590 Fax: 408.510.6199 Fax: +44 (0)1252711901 info@aerohive.com www.aerohive.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information