SD-WAN: Many paths, one goal
SD-WAN technology enables use of various WAN access media, including as fixed connections, MPLS networks, DSL and cable modems or 3-5G wireless, and pursues a primary goal – cost-efficient networking while adhering to all necessary SLAs and security aspects.
Whether on the road or from a home office: Covid-19 has increased the importance of mobile working for all computer workstations.
How do you design secure VPN access to offer sufficient connection capacity for all situations and, as in the office, to enable access to all necessary programs and tools? dainox supports you in finding solutions and realising and operating your VPN infrastructure.
Secure access from the internet is always at the fore; the latest encryption mechanisms, sophisticated VPN software and two-factor authentication with one-time password or certificates form the basis for our solutions. Whether a Windows laptop or desktop, Linux PC or mobile devices with iOS and Android. there is a an access option for every situation.
dainox offers complete VPN solutions from Cisco, Meraki and Fortinet as a managed service or supports the design and realisation of an individual approach.
Network access control with the Cisco ISE
- Centralised management through a graphic interface simplifies setup and operation of the NAC environment.
- Integration of external sources such as Microsoft Active Directory or Lightweight Directory Access Protocol
- Use of the standardised Radius protocol for authentication, authorisation and accounting
- Support for a wide range of authentication protocols (PAP, MS-CHAP, EAP-MD5, PEAP, EAP-FAST, EAP-TLS and EAP-TTLS)
- Verification of client certificates via CRL or OSCP
- Profiling and posturing services
- Guest access and BYOD support
- Monitoring and report creation via centralised management
Network access control or identity-based networking
Access to a corporate network is the first hurdle when it comes to accessing important information and applications. As such, network access control (NAC) is becoming increasingly important – and not only for critical infrastructures.
Guest access for WLAN and LAN or mobile devices that cannot be verified to ensure the absence of insecure software and presence of up-to-date virus scanners must not be permitted to obtain the same access rights as company computers with an up-to-date patch status and restricted user rights. ‘Bring Your Own Device’ (BYOD) and external employees with their own hardware play an important role.
The Cisco ISE rules and regulations allow differentiation of user groups and provision of different access rights in LAN and WLAN. Through integration with Windows Active Directory or other LDAP services as well as an existing PKI infrastructure, if applicable, authorised terminal devices are logged on at the first network interface using a username and password or certificate. Unauthorised users are rejected or can receive access as a guest (by voucher) to restricted destinations on the internet and/or the corporate network.
This prevents WLAN and network connections in openly accessible areas of your buildings from becoming a gateway to your infrastructure.
Talk to us – together, we can discuss the options of using a Cisco ISE in your corporate network and, if required, enable an initial non-binding test.
WiFi hotspots for companies and public institutions
Secure WLAN for employees, visitors and customers is a convenient medium, and not only for mobile devices.
Tablets are now suitable for productive work, and today’s laptops increasingly lack LAN ports. WiFi is the solution. But what can easily be achieved with WiFi at home, can be a challenge on a corporate scale. Complete WiFi coverage requires multiple access points, PoE switches for power and an authentication solution that enables differentiation between internal users and guests.
Centrally-controlled WLAN solutions are well established on the market, and cover all of these requirements. The controller allows new access points to be rolled out quickly, monitors them and enables secure access to the network via user logins or guest vouchers.
Solutions from Cisco and Meraki are ideal for companies, schools and other public institutions. We offer this solution as a managed service from dainox; alternatively, our experts can plan and implement your solution.