Problem solve Get help with specific problems with your technologies, process and projects.

How to add wireless LAN access control to your portfolio

If you're selling enterprise wireless networks, then you should also be offering WLAN access control tools that manage guest networks, employee devices and embedded Wi-Fi clients.

Channel takeaway: If you've adapted your portfolio to include enterprise-grade wireless LANs (WLANs), then you may find even further income in selling WLAN access control tools.

For enterprises investing millions in wireless network replacements or upgrades, WLAN network access control has never been more important. The need to protect guest networks while simultaneously managing employee-owned and embedded Wi-Fi devices on the WLAN has created new opportunities for wireless channel consultants, resellers, and systems integrators.

In particular, enterprises need more robust, granular strategies to efficiently enable access in accordance with corporate policy, based upon device type, user identity and role. Channel providers can capitalize on this need by understanding past problems, new requirements, viable strategies and products that can be used to authenticate and control WLAN access by guests, employees and embedded devices.

Controlling guest WLAN access

Once upon a time, helping an enterprise offer guest access meant installing an open network with little or no control or supervision. But today, enterprise customers are looking for ways to manage infected devices on the network, hackers aiming at guest networks, employees that abuse guest networks to bypass corporate policies, and uncontrolled competition for shared network resources.

These challenges occur when security is simply bypassed for guests. Channel providers can help by recommending steps and reselling products that improve guest network visibility and provide access controls. Strategies that may be considered include:

  • Built-in and add-on guest management capabilities that won't burden IT
  • Individualized guest access controls that can be tracked and revoked as needed
  • Guest integrity checks to reduce malware risk

To learn more about these strategies, read this article on securing the wireless guest network.

Managing employee WLAN access

Enterprise WLAN security has vastly improved with WPA2-Enterprise now broadly supported by Wi-Fi devices and off-the-shelf operating systems. However, the devil is still in the detail. Enterprises continue to struggle with planning and coordination tasks, including user account management, scalable device provisioning and product mismatches that impede integration.

Channel providers can help by educating their customers about WPA2-Enterprise deployment requirements and best practices. They can also help customers avoid surprises, streamline frequent tasks and meet dependencies before they turn into problems. Topics to discuss include:

  • Best practices for creating and enforcing group policy to control wired and wireless employee access
  • Device fingerprinting solutions for handling employee-owned devices
  • Methods and products that can help automate Wi-Fi client provisioning
  • Satisfying network integration needs, including NAC use of 802.1X

To learn more about these strategies, see this SearchNetworking tip on managing users with WLAN access control.

Controlling embedded Wi-Fi devices on the WLAN

Ubiquitous WLAN coverage is driving demand for non-traditional Wi-Fi devices, including consumer electronics that cannot be configured and controlled like laptops. For channel providers, this means device resale opportunities to satisfy enterprise demand for new devices such as wireless printers, cameras, media players, and displays. However, those sales could be stymied by deployment problems – unless channel providers also deliver sage advice on how to easily secure these new embedded Wi-Fi devices.

In particular, yesterday's "security through obscurity" strategy is largely unacceptable for new Wi-Fi enabled consumer electronic devices. Instead, channel providers must help customers find ways to enable secure use without unacceptable risk or cost. Alternatives worthy of discussion include:

  • Using Wi-Fi Protected Setup to easily create secure embedded device WLANs 
  • Considering Wi-Fi Direct instead of enterprise WLAN access for as-needed connectivity
  • Stepping up to WPA2-Enterprise on devices like smartphones

Learn more about managing embedded Wi-Fi devices on the WLAN in this SearchNetworking tip.

About the author: Lisa A. Phifer is president of Core Competence Inc. She has been involved in the design, implementation and evaluation of data communications, internetworking, security and network management products for more than 20 years and has advised companies large and small regarding security needs, product assessment and the use of emerging technologies and best practices.

Dig Deeper on Wireless networks technology and services

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.