Ratification of the 802.11ac standard heralds a new generation of Wi-Fi products and equipment--systems that offer...
more bandwidth and more capabilities than ever before. But the new specification also brings with it some specific management and deployment challenges to the enterprise. In this FAQ, SearchNetworking wireless experts Mike Jude and Joerg Hirschmann discuss some of the issues WLAN administrators will be facing.
How will the new 802.11ac standard affect the enterprise?
The new 802.11ac Wi-Fi standard comes with both exciting upgrades and frustrating obstacles. Overall, the specification will benefit businesses by offering a Wi-Fi experience that mirrors traditional cellular wireless. The modern Wi-Fi standard offers faster speeds and a longer connection reach while requiring less power from remote devices.
Yet enterprises will also want to upgrade their wired infrastructures to get the most benefits from the new standard. Those 10BASE-T Ethernet pipes will have to be upgraded to 1 GbE to get the best experience.
Expert Mike Jude advises businesses to pay attention to coverage and contention issues to ensure a user-transparent transition to the new standard.
Read what Jude says about the benefits and challenges to businesses generated by the 802.11ac standard.
Is policy-based management crucial for mobile remote access?
Ever since the advent of bring your own device, IT departments have experienced a paradigm shift. Network managers who were once responsible for overseeing policies for entire companies are now finding themselves bogged down managing individual devices and operating systems. This added responsibility warrants the creation of a new, policy-based management system to oversee remote devices, according to Joerg Hirschmann.
Hirschmann says that centralizing the administration of remote network access, as well as automating management tasks through policy-based virtual private networks, will help prevent vulnerabilities and data leaks and give administrators more control over a user's connection.
When network managers are dealing with thousands of remote endpoints, streamlining network administration through policy-based VPNs is a viable solution to centralize management.
Read some of the advantages of policy-based management according to Hirschmann.
Do you need separate Wi-Fi subnets in a single building?
Setting up a wireless LAN (WLAN) is more of an art than a science, Mike Jude writes. Because of that, determining the most optimal way to design a WLAN depends on various circumstances, not the least of which is how many people need access. In some instances, a single employee might have two or more devices that need to be connected. Jude writes that other factors, such as how much metal is in a building and how many cubicles need to be reached, are also important considerations.
The bottom line? Businesses can either set up separate subnets for each floor of their buildings or make their entire headquarters a single point of access.
Read the difference between having multiple Wi-Fi subnets versus a single access point.
What is attribute-based access control and how does it improve enterprise security?
Joerg Hirschmann explains that attribute-based access control (ABAC) combined with role-based access control (RBAC) provides an added layer of protection when users are trying to access a network on a remote device.
Hirschmann explains that ABAC relies on two components: device identity control (DIC) as well as user identity control (UIC), which gives an enterprise more control over who has access to its network.
The traditional method of enterprise security used RBAC to grant remote users access to corporate networks. DIC and UIC takes this approach a few steps further by requiring a user to fulfill identity and role requirements before accessing a pre-determined part of the network.
Read about the details of ABAC and its benefits.
Remote access control: Can you stop UIC-, DIC-armed hacker from attack?
Although ABAC improves network access security, no barrier is totally secure. In fact, it is possible for an attacker to obtain the user identity control and device identity control that underpins ABAC, Joerg Hirschmann writes.
Hirschmann says that once an attacker has that information, a lot of damage can be done. But there are steps enterprises can take, he recommends, such as testing the corporate VPN with a "health check" on a regular basis. Taking steps to prevent MAC spoofing on a media access control address is also recommended.
Read what Hirshmann says about creating a certificate container PIN -- and its benefits -- to keep out intruders.