Wireless connectivity is becoming the norm, increasing productivity and delivering content at any time and from any place. It is also creating a challenge for IT to provide access that is based on user identity, user role, device ownership, time of the day, location, and application.
Organizations have traditionally used centralized firewalls and web filters to protect the network from the content that can be distracting or even harmful.
At the same time, user identity verification has moved to the edge of the network, to the access points, so security policies at the centralized location may be limited to traditional IP address and port numbers, which is inadequate.
Accessing the network
Secure access to the network requires the user to provide the identity, which can be validated. This means the user has to authenticate before getting access to the network. Today, however, we also look at the device type and ownership, location, time of day, and application that users want to use. This raises a couple of challenges:
- Standard Pre-shared Key (PSK) secured networks do not provide the required context; user identity is unknown which makes PSK security outdated and insufficient
- 802.1x/EAP security requires user and/or device to be authenticated and is considered the best security option for Wi-Fi networks
Keeping users productive and safe
IT administrators are responsible for network health and optimization, facilitating productivity, limiting liability, and satisfying regulatory compliance. To configure network usage policies, IT administrators need to know exactly what is going on in the network at all times.
To keep users safe and productive, IT administrators need to know about the web sites that users are accessing, possible liability issues, and possible inappropriate online behaviors, like cyberbullying. To ensure that network runs smoothly, IT administrators should get timely reports about bandwidth usage trends, data leakages, malware/virus infiltrations, and bandwidth usage by individuals.
Aerohive and Barracuda Integration
Aerohive's Cooperative Control networking infrastructure equipment along with Barracuda Web Filter and NG Firewall provide a comprehensive and robust solution for optimizing the user experience on a mobile-first network. Together, this solution provides many benefits, including:
- Enhanced user-identity awareness and Enforcement– Aerohive devices can provide user identity, device type, and IP address information to the Barracuda Web Filters and NG Firewalls to enhance the UserID functionality that allows Barracuda to create security policies to make policy decisions based on context.
- Client-less Operation– Barracuda's and Aerohive's interactive communication provides seamless, enhanced security to connected clients and the Aerohive devices. All inbound and outbound traffic is forwarded to the Barracuda device without the need to install client profiles or agents.
- Zero-Cost Data Performance – Barracuda gathers information from Aerohive devices as part of normal authentication. There is no in-line performance hit for using this integration to enhance application control on the network.
- Comprehensive Application Visibility and Control – Together, Aerohive and Barracuda Networks allow administrators to enforce application controls at both the edge of the network and at the gateway, ensuring applications are identified and prioritized/de-prioritized/blocked based on context at the ideal enforcement point.
How customers benefit from the Aerohive + Barracuda partnership
Aerohive and Barracuda's synergistic integration provides enterprises with enhanced application and enhancement, as well as regulatory compliance combined with the cloud managed zero-client security solution. Aerohive access points, switches, and routers provide quick remote office connections with integrated DHCP, DNS, routing, wireless, and wired security. Barracuda Web Filter and NG Firewalls integrated with the context available from Aerohive's mobility platform enables businesses to use the same firewall and context-based filtering policies on wired and wireless networks.
Questions or comments? Tweet us @Aerohive.com