5 best practices for guest Wi-Fi access
Pay attention to security, bandwidth and application visibility when rolling out a wireless network upgrade
Upgrading your wireless network requires a lot of attention. Although there are many ways to conﬁgure and use Wi-Fi, best-in-class organizations should apply these five strategies to get the most out of their networks.
1. Predict changes
There’s nothing riskier than a Wi-Fi network that is left unattended. Over time, people are added, moved, or replaced. Desks and other furniture in the environment change. A wireless network that isn’t maintained to keep up with these changes degrades over time and provides less-than-exceptional service to users.
However, the chipset power embedded into each access point allows today’s wireless LAN (WLAN) infrastructure to be very fault-tolerant. A good WLAN can survive the loss of access points and the addition of new ones. Radio interference would be proactively managed minimizing the effect. All complex configurations and dynamic management of radio channels would be addressed in every AP.
2. Use intelligent wireless products
Gone are the days when you had to manage and configure each wireless access point manually and separately. The tedious job of continuously adjusting power levels, channel assignments or enabling hot spare APs has gone the way of the Dodo bird.
Today’s distributed intelligence Wi-Fi technology can handle mobility, keeping an IP address and connection alive while a user on a VoIP call walks between rooms, floors and even buildings. You should invest in a Wi-Fi network that not only handles mobility, but also handles all kinds of traffic including voice and video conversations, document and screen sharing and team collaboration with a bunch of people working on the same document at the same time.
3. Understand the application and prioritize
In most networks, as soon as the WLAN network is turned on, every smartphone in the building is automatically connected to the network. These devices continue to consume bandwidth, even when no one is using them. Add to that applications working in the background (such as automatic backup, software updates, application updates, voice recognition software) and you end up with a wireless network near capacity without a single active user!
The solution isn’t to prohibit casual use. It is to make sure that mission-critical applications, (such as VoIP/unified communications, video collaboration, document sharing, transaction processing, and business uses), get priority over non-business and casual use. Look for Wi-Fi solutions that provide application visibility and control, such as the Alcatel-Lucent OmniAccess® Stellar wireless portfolio, so you can throttle bandwidth depending on specific rules, automatically and dynamically.
4. Develop a guest access policy
Supporting guest access is generally a given in today’s enterprise wireless installations. Guests commonly have a legitimate need to connect to the Internet while visiting an organization. Although some road warriors may use alternative technologies, such as 4G or LTE to bypass local Wi-Fi networks, it is important to plan if and how other guests will connect to the organization’s WLAN.
Of course, these guests shouldn’t require much access to anything inside the normal enterprise network — printing, perhaps, being the occasional exception. Therefore, securing connections to ensure that guest users do not gain elevated privileges is important.
Common alternatives, such as requiring guests to preregister Media Access Control (MAC) addresses or obtain a temporary user name and password, tend to be cumbersome and should be avoided. One bad result of a guest policy that is poorly developed or difficult to follow is that staff members might spend valuable time trying to get their visitors logged on to the wireless network. Or, even worse, a staff member might share his access with a guest to connect directly to the internal wired network to bypass issues with the guest access rules and process.
Guest policies must balance requirements for accountability and prevention with the goal of making it simple and quick. There are a lot automated systems able to deliver this, however the best and most secure way to get this done is to have an intelligent WLAN system which understands when a guest connects, throttle the bandwidth depending on the application used and tunnel the traffic up to the router for the internet connection.
5. Maximum security from the beginning
Security has always been very important especially when dealing with wireless networks. There are various methods today to build it, however the best would be to have NAC (Network Access Control) not only for WLAN but for LAN users as well. One single point of management can guarantee the highest level of access security no matter the type of connection (wired or wireless) NAC meshes well with wireless deployments because the wireless authentication standard — known as Wi-Fi Protected Access 2 (WPA3 is currently under development, considering the recent vulnerabilities found in WPA2) uses 802.1X, which is a convenient method for passing NAC information between clients and servers. There are many network management systems that streamline and minimize the complexity from a NAC deployment for the network infrastructure.
These are the five basic rules to follow for providing users with the best experience while keeping the administrator happy with short and relatively simple configurations. The network infrastructure itself will take care of the most cumbersome and boring tasks needed for the optimal operation of the network infrastructure.
For more information about an access point solution that addresses these issues, read about the Alcatel-Lucent OmniAccess Stellar WLAN solution
ALE OmniSwitch es probablemente el conmutador más seguro de…
OmniSwitch es el conmutador de preferencia para ofrecer la seguridad de red de confianza cero que exigen los gobiernos
Las empresas recogen los frutos del trabajo híbrido con UCa…
El puesto de trabajo híbrido con UCaaS le permite beneficiarse de una mejor productividad de los empleados y satisfacción del cliente, un modelo operativo reducido y una gran rentabilidad de la inversión.
3 componentes clave para conseguir un lugar de trabajo digi…
Con la base adecuada, las Administraciones crean puestos de trabajo digitales seguros con mejores comunicaciones, colaboración y prestación de servicios.
La ciberseguridad del campus en la era del ransomware
El uso de estrategias para reducir las amenazas a la ciberseguridad del campus puede ayudar a limitar el acceso a actores perniciosos y reducir su exposición.