SlideShare a Scribd company logo

Securing Your Guest Network

Wavecrest Computing
Wavecrest Computing

CyBlock Appliance minimizes the complexity of delivering guest access to the Internet for a broad range of mobile devices, helping to increase the productivity of both guest users and IT staff. CyBlock Appliance may be just the solution you need in deploying or updating your captive portal to secure your wireless guest network.

Technology
1 of 5
Download to read offline
www.wavecrest.net WavecrestTechBrief® Securing Your Guest Network
Wavecrest Computing Securing Your Guest Network page 2 Introduction Have you recently logged on to a public Wi-Fi network in a hotel, a coffee shop, an airport, or another venue that offers free Internet access? If so, you may have seen a logon page otherwise known as a captive portal page. It looks like a regular Web page, and most people click through the logon process without giving it much thought. But there are some important aspects to a captive portal that organizations need to understand if they are the ones offering free wireless guest access. When a user first logs on to a network with a captive portal, a Web page is presented that requires certain actions before Internet access is granted. A simple captive portal forces the user to at least look at, if not read, an Acceptable Use Policy (AUP) page, and then click or tap a button indicating agreement to the terms of the policy. The captive portal page is customizable, which allows for organizations to add their company logo and own message or policy text to the logon page. Captive Portal Page A captive portal provides the ability to set day and time limits to the guest access so that they automatically expire after a certain amount of time. Organizations do not want to give guest users indefinite access because they will then be able to log on whenever they want. With a captive portal, IT administrators can track and report on guest account activity. They can get high-level usage and trend reports along with detailed reports to meet management requirements. In some organizations, usage reports on where the Web traffic is coming from in the network, that is, wired or wireless, reveal that more than 75% of all Internet bandwidth being consumed is from wireless users. This may be true in college systems and hospitals that have a large number of mobile device users, but similar trends have been seen in the enterprise and even retail environment. Many times, small businesses or even hospitals will provide their guests with free access to their wireless networks without using a captive portal solution. This can have many negative consequences for both their guest users and their business. From legal issues to your bottom line, implementing a captive portal should be a fundamental part of your overall business strategy. Benefits of a Captive Portal The benefits of a captive portal are many and include the ability to monitor unmanaged devices, implement bandwidth throttling, separate Web traffic, and reduce legal liability.
Wavecrest Computing Securing Your Guest Network page 3 With free guest access, your guests’ unmanaged devices are completely in their control, and the enterprise is unable to enforce any device policies. This means no configuration profiles to enforce device settings increasing the probability of security threats. For instance, smartphones can be infected by malware from personal e-mail accounts over the cellular connection and then forward the contents inside the network through the internal wireless connection. A captive portal can block this security threat as well as other inappropriate Web use to protect the network. Even when a simple captive portal is used in a free public network, certain individuals may repeatedly connect, using the network on an almost continuous basis to download music, videos, or other large files. This activity, called bandwidth hogging, can be minimized by managing bandwidth using the captive portal. Bandwidth throttling can control the speed at which large files are downloaded, limit the size of files that can be downloaded, or block connections to cloud apps commonly used for downloading large files. A captive portal allows for the separation of guest traffic from corporate traffic. This has tons of security benefits including keeping untrusted users away from confidential resources. Guest users should have limited access inside the corporate network. To ensure the health and well-being of the corporate network as well as the security of the organization’s information assets, it is imperative to restrict guest access. Providing free Internet service does not mean that you are always providing secure Internet service. An AUP on your captive portal ensures that users understand just that. It can contain a statement outlining the conditions that guests must agree to before they are granted access to the Wi-Fi network. This relieves your company of some of the liability if a guest user is the offender or victim of illegal activity on your Wi-Fi network. To help secure your guest network, Wavecrest offers CyBlock Appliance—a turnkey, Web-security hardware solution that blocks Web sites, malware, IM, P2P, streaming, file sharing, and more. Some of the product’s features are summarized below. The CyBlock Appliance Approach Advanced Web Filtering With 70-plus standard content categories including cloud service categories and an unlimited number of custom categories, CyBlock Appliance provides threat protection for your guest network. IT administrators are able to block malicious Web sites as well as cloud applications and services that threaten the health of the corporate network. Direct Traffic Management With CyBlock Appliance inline in your network, you can filter all Web traffic flowing through both private and public Wi-Fi networks, that is, monitor managed as well as unmanaged devices. With the Direct Traffic feature enabled, policy settings can be applied to all direct traffic including guest network traffic. The proxy will see all Web traffic regardless if a proxy port is set in the browser. This is a necessary feature to redirect traffic from unmanaged devices in your guest network in order for the proxy to monitor and filter the Web traffic. Bandwidth Management With CyBlock’s Bandwidth Management feature, IT administrators can throttle guest network traffic by content category or group to optimize bandwidth usage, keeping important business operations running smoothly for the organization. A cloud service category detected as hogging bandwidth, such as Video
Wavecrest Computing Securing Your Guest Network page 4 Streaming or Audio Streaming, can be blocked, or its bandwidth can be capped, limiting noncritical data usage. With tiered-threshold capability, the enterprise is able to implement several policies being as restrictive as necessary based on the amount of bandwidth being consumed. User Authentication Using a captive portal with CyBlock Appliance, guests are identified with a guest ID. The captive portal can be set up so that guests can access the corporate network by accepting the AUP. A wider range of devices in the organization, such as laptops, tablets, and smartphones, can be supported. With AUP Only authentication, guests will not be prompted to accept the AUP again until one hour after idle time or one day from AUP acceptance. The captive portal supports authenticating users who are filtered in transparent proxy mode as mentioned earlier with CyBlock Appliance inline. Captive Portal in Your Guest Network With CyBlock Appliance Summary With its easy setup, a captive portal is a feasible solution to secure your organization’s guest network. A captive portal works well for users who want to access your guest network with devices, such as laptops, tablets, and smartphones. It requires guest users to accept an AUP before they can browse the Internet. A good captive portal has the ability to provide a myriad of benefits to your guest network, such as monitoring unmanaged devices, throttling bandwidth, reducing legal liability, and much more. CyBlock Appliance minimizes the complexity of delivering guest access to the Internet for a broad range of mobile devices, helping to increase the productivity of both guest users and IT staff. CyBlock Appliance may be just the solution you need in deploying or updating your captive portal to secure your wireless guest network.
Wavecrest Computing 904 East New Haven Avenue Melbourne, FL 32901 toll-free: 877-442-9346 voice: 321-953-5351 fax: 321-953-5350 www.wavecrest.net All specifications subject to change without notice. © Copyright 2016 Wavecrest Computing Incorporated. All rights reserved. About Wavecrest Computing Since 1996, Wavecrest Computing has provided business and government clients with reliable, accurate employee Web-access security, employee Web-use monitoring and analytics, and Cloud Access Security Broker (CASB) solutions. IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin® and CyBlock® products to manage employee Internet usage with today’s distributed workforce in mind–reducing liability risks, improving productivity, managing cloud services, saving bandwidth, and controlling costs. Wavecrest has over 3,000 clients worldwide, including Blue Cross Blue Shield, MillerCoors, National Grid, Rolex, Siemens, Superior Court of California, U.S. Dept. of Veterans Affairs, and a growing list of global enterprises and government agencies. For more information on our company, products, and partners, visit www.wavecrest.net.

Recommended

Dream Metamorphose Module 3 - Preparation (3 of 3)
Dream Metamorphose Module 3 - Preparation (3 of 3)Dream Metamorphose Module 3 - Preparation (3 of 3)
Dream Metamorphose Module 3 - Preparation (3 of 3)
katawhy
 
Optimize & Monetize Guest Internet
Optimize & Monetize Guest InternetOptimize & Monetize Guest Internet
Optimize & Monetize Guest Internet
ElevenBiz
 
8 BYOD Security Tips
8 BYOD Security Tips8 BYOD Security Tips
8 BYOD Security Tips
Sims Recycling Solutions
 
Matt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity TheftMatt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity Theft
guest3151b0
 
Computrace Laptop Security Solutions
Computrace Laptop Security SolutionsComputrace Laptop Security Solutions
Computrace Laptop Security Solutions
abe8512000
 
Wifi Security for SOHOs: Cyberoam UTM CR15wi
Wifi Security for SOHOs: Cyberoam UTM CR15wiWifi Security for SOHOs: Cyberoam UTM CR15wi
Wifi Security for SOHOs: Cyberoam UTM CR15wi
niravmahida
 
Protection against Lost or Stolen Data with Novell ZENworks Endpoint Security...
Protection against Lost or Stolen Data with Novell ZENworks Endpoint Security...Protection against Lost or Stolen Data with Novell ZENworks Endpoint Security...
Protection against Lost or Stolen Data with Novell ZENworks Endpoint Security...
Novell
 
Internet Operations
Internet OperationsInternet Operations
Internet Operations
thinkict
 

Recommended

Dream Metamorphose Module 3 - Preparation (3 of 3)
Dream Metamorphose Module 3 - Preparation (3 of 3)Dream Metamorphose Module 3 - Preparation (3 of 3)
Dream Metamorphose Module 3 - Preparation (3 of 3)
katawhy
 
Optimize & Monetize Guest Internet
Optimize & Monetize Guest InternetOptimize & Monetize Guest Internet
Optimize & Monetize Guest Internet
ElevenBiz
 
8 BYOD Security Tips
8 BYOD Security Tips8 BYOD Security Tips
8 BYOD Security Tips
Sims Recycling Solutions
 
Matt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity TheftMatt Luallen Explains What, How and Responding to Identity Theft
Matt Luallen Explains What, How and Responding to Identity Theft
guest3151b0
 
Computrace Laptop Security Solutions
Computrace Laptop Security SolutionsComputrace Laptop Security Solutions
Computrace Laptop Security Solutions
abe8512000
 
Wifi Security for SOHOs: Cyberoam UTM CR15wi
Wifi Security for SOHOs: Cyberoam UTM CR15wiWifi Security for SOHOs: Cyberoam UTM CR15wi
Wifi Security for SOHOs: Cyberoam UTM CR15wi
niravmahida
 
Protection against Lost or Stolen Data with Novell ZENworks Endpoint Security...
Protection against Lost or Stolen Data with Novell ZENworks Endpoint Security...Protection against Lost or Stolen Data with Novell ZENworks Endpoint Security...
Protection against Lost or Stolen Data with Novell ZENworks Endpoint Security...
Novell
 
Internet Operations
Internet OperationsInternet Operations
Internet Operations
thinkict
 
Cyfin Reporting Capabilities Datasheet
Cyfin Reporting Capabilities DatasheetCyfin Reporting Capabilities Datasheet
Cyfin Reporting Capabilities Datasheet
Wavecrest Computing
 
Reporting Types and Smart Engine Analytics
Reporting Types and Smart Engine AnalyticsReporting Types and Smart Engine Analytics
Reporting Types and Smart Engine Analytics
Wavecrest Computing
 
Forensic Investigation of Employee Internet Activity
Forensic Investigation of Employee Internet ActivityForensic Investigation of Employee Internet Activity
Forensic Investigation of Employee Internet Activity
Wavecrest Computing
 
Why Wavecrest
Why WavecrestWhy Wavecrest
Why Wavecrest
Wavecrest Computing
 
Why CyBlock Software
Why CyBlock SoftwareWhy CyBlock Software
Why CyBlock Software
Wavecrest Computing
 
Why CyBlock Appliance
Why CyBlock ApplianceWhy CyBlock Appliance
Why CyBlock Appliance
Wavecrest Computing
 
Why CyBlock Hybrid
Why CyBlock HybridWhy CyBlock Hybrid
Why CyBlock Hybrid
Wavecrest Computing
 
Cyblock Cloud - Effortless Integration With ConnectWise
Cyblock Cloud - Effortless Integration With ConnectWiseCyblock Cloud - Effortless Integration With ConnectWise
Cyblock Cloud - Effortless Integration With ConnectWise
Wavecrest Computing
 
MSP Partner Program
MSP Partner ProgramMSP Partner Program
MSP Partner Program
Wavecrest Computing
 
Interpreting Behavioral Analytics With Reliable Metrics
Interpreting Behavioral Analytics With Reliable MetricsInterpreting Behavioral Analytics With Reliable Metrics
Interpreting Behavioral Analytics With Reliable Metrics
Wavecrest Computing
 
Authentication With Captive Portal
Authentication With Captive PortalAuthentication With Captive Portal
Authentication With Captive Portal
Wavecrest Computing
 
Big or Small, it can happen to your business!
Big or Small, it can happen to your business!Big or Small, it can happen to your business!
Big or Small, it can happen to your business!
Wavecrest Computing
 
Morning Tech Talk Cybersecurity
Morning Tech Talk Cybersecurity Morning Tech Talk Cybersecurity
Morning Tech Talk Cybersecurity
Wavecrest Computing
 
About wavecrest Computing
About wavecrest ComputingAbout wavecrest Computing
About wavecrest Computing
Wavecrest Computing
 
Cyfin Solution Brief
Cyfin Solution BriefCyfin Solution Brief
Cyfin Solution Brief
Wavecrest Computing
 
Detect, Analyze, and Manage Cloud Services in the Enterprise
Detect, Analyze, and Manage Cloud Services in the EnterpriseDetect, Analyze, and Manage Cloud Services in the Enterprise
Detect, Analyze, and Manage Cloud Services in the Enterprise
Wavecrest Computing
 
Cyblock IOS App Datasheet
Cyblock IOS App DatasheetCyblock IOS App Datasheet
Cyblock IOS App Datasheet
Wavecrest Computing
 
Cloud syncwith active Directory
Cloud syncwith active DirectoryCloud syncwith active Directory
Cloud syncwith active Directory
Wavecrest Computing
 
CyBlock SSL Inspection Tech Brief
CyBlock SSL Inspection Tech BriefCyBlock SSL Inspection Tech Brief
CyBlock SSL Inspection Tech Brief
Wavecrest Computing
 
Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...
Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...
Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...
Wavecrest Computing
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
naman860154
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 

More Related Content

More from Wavecrest Computing

Forensic Investigation of Employee Internet Activity
Forensic Investigation of Employee Internet ActivityForensic Investigation of Employee Internet Activity
Forensic Investigation of Employee Internet Activity
Wavecrest Computing
 
About wavecrest Computing
About wavecrest ComputingAbout wavecrest Computing
About wavecrest Computing
Wavecrest Computing
 
CyBlock SSL Inspection Tech Brief
CyBlock SSL Inspection Tech BriefCyBlock SSL Inspection Tech Brief
CyBlock SSL Inspection Tech Brief
Wavecrest Computing
 
Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...
Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...
Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...
Wavecrest Computing
 

More from Wavecrest Computing (20)

Cyfin Reporting Capabilities Datasheet
Cyfin Reporting Capabilities DatasheetCyfin Reporting Capabilities Datasheet
Cyfin Reporting Capabilities Datasheet
 
Reporting Types and Smart Engine Analytics
Reporting Types and Smart Engine AnalyticsReporting Types and Smart Engine Analytics
Reporting Types and Smart Engine Analytics
 
Forensic Investigation of Employee Internet Activity
Forensic Investigation of Employee Internet ActivityForensic Investigation of Employee Internet Activity
Forensic Investigation of Employee Internet Activity
 
Why Wavecrest
Why WavecrestWhy Wavecrest
Why Wavecrest
 
Why CyBlock Software
Why CyBlock SoftwareWhy CyBlock Software
Why CyBlock Software
 
Why CyBlock Appliance
Why CyBlock ApplianceWhy CyBlock Appliance
Why CyBlock Appliance
 
Why CyBlock Hybrid
Why CyBlock HybridWhy CyBlock Hybrid
Why CyBlock Hybrid
 
Cyblock Cloud - Effortless Integration With ConnectWise
Cyblock Cloud - Effortless Integration With ConnectWiseCyblock Cloud - Effortless Integration With ConnectWise
Cyblock Cloud - Effortless Integration With ConnectWise
 
MSP Partner Program
MSP Partner ProgramMSP Partner Program
MSP Partner Program
 
Interpreting Behavioral Analytics With Reliable Metrics
Interpreting Behavioral Analytics With Reliable MetricsInterpreting Behavioral Analytics With Reliable Metrics
Interpreting Behavioral Analytics With Reliable Metrics
 
Authentication With Captive Portal
Authentication With Captive PortalAuthentication With Captive Portal
Authentication With Captive Portal
 
Big or Small, it can happen to your business!
Big or Small, it can happen to your business!Big or Small, it can happen to your business!
Big or Small, it can happen to your business!
 
Morning Tech Talk Cybersecurity
Morning Tech Talk Cybersecurity Morning Tech Talk Cybersecurity
Morning Tech Talk Cybersecurity
 
About wavecrest Computing
About wavecrest ComputingAbout wavecrest Computing
About wavecrest Computing
 
Cyfin Solution Brief
Cyfin Solution BriefCyfin Solution Brief
Cyfin Solution Brief
 
Detect, Analyze, and Manage Cloud Services in the Enterprise
Detect, Analyze, and Manage Cloud Services in the EnterpriseDetect, Analyze, and Manage Cloud Services in the Enterprise
Detect, Analyze, and Manage Cloud Services in the Enterprise
 
Cyblock IOS App Datasheet
Cyblock IOS App DatasheetCyblock IOS App Datasheet
Cyblock IOS App Datasheet
 
Cloud syncwith active Directory
Cloud syncwith active DirectoryCloud syncwith active Directory
Cloud syncwith active Directory
 
CyBlock SSL Inspection Tech Brief
CyBlock SSL Inspection Tech BriefCyBlock SSL Inspection Tech Brief
CyBlock SSL Inspection Tech Brief
 
Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...
Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...
Prioritize network traffic and increase network QoS with CyBlock Bandwidth Ma...
 

Recently uploaded

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
Delhi Call girls
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
Delhi Call girls
 

Recently uploaded (20)

Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 
Strategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a FresherStrategies for Landing an Oracle DBA Job as a Fresher
Strategies for Landing an Oracle DBA Job as a Fresher
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 

Securing Your Guest Network

  • 2. Wavecrest Computing Securing Your Guest Network page 2 Introduction Have you recently logged on to a public Wi-Fi network in a hotel, a coffee shop, an airport, or another venue that offers free Internet access? If so, you may have seen a logon page otherwise known as a captive portal page. It looks like a regular Web page, and most people click through the logon process without giving it much thought. But there are some important aspects to a captive portal that organizations need to understand if they are the ones offering free wireless guest access. When a user first logs on to a network with a captive portal, a Web page is presented that requires certain actions before Internet access is granted. A simple captive portal forces the user to at least look at, if not read, an Acceptable Use Policy (AUP) page, and then click or tap a button indicating agreement to the terms of the policy. The captive portal page is customizable, which allows for organizations to add their company logo and own message or policy text to the logon page. Captive Portal Page A captive portal provides the ability to set day and time limits to the guest access so that they automatically expire after a certain amount of time. Organizations do not want to give guest users indefinite access because they will then be able to log on whenever they want. With a captive portal, IT administrators can track and report on guest account activity. They can get high-level usage and trend reports along with detailed reports to meet management requirements. In some organizations, usage reports on where the Web traffic is coming from in the network, that is, wired or wireless, reveal that more than 75% of all Internet bandwidth being consumed is from wireless users. This may be true in college systems and hospitals that have a large number of mobile device users, but similar trends have been seen in the enterprise and even retail environment. Many times, small businesses or even hospitals will provide their guests with free access to their wireless networks without using a captive portal solution. This can have many negative consequences for both their guest users and their business. From legal issues to your bottom line, implementing a captive portal should be a fundamental part of your overall business strategy. Benefits of a Captive Portal The benefits of a captive portal are many and include the ability to monitor unmanaged devices, implement bandwidth throttling, separate Web traffic, and reduce legal liability.
  • 3. Wavecrest Computing Securing Your Guest Network page 3 With free guest access, your guests’ unmanaged devices are completely in their control, and the enterprise is unable to enforce any device policies. This means no configuration profiles to enforce device settings increasing the probability of security threats. For instance, smartphones can be infected by malware from personal e-mail accounts over the cellular connection and then forward the contents inside the network through the internal wireless connection. A captive portal can block this security threat as well as other inappropriate Web use to protect the network. Even when a simple captive portal is used in a free public network, certain individuals may repeatedly connect, using the network on an almost continuous basis to download music, videos, or other large files. This activity, called bandwidth hogging, can be minimized by managing bandwidth using the captive portal. Bandwidth throttling can control the speed at which large files are downloaded, limit the size of files that can be downloaded, or block connections to cloud apps commonly used for downloading large files. A captive portal allows for the separation of guest traffic from corporate traffic. This has tons of security benefits including keeping untrusted users away from confidential resources. Guest users should have limited access inside the corporate network. To ensure the health and well-being of the corporate network as well as the security of the organization’s information assets, it is imperative to restrict guest access. Providing free Internet service does not mean that you are always providing secure Internet service. An AUP on your captive portal ensures that users understand just that. It can contain a statement outlining the conditions that guests must agree to before they are granted access to the Wi-Fi network. This relieves your company of some of the liability if a guest user is the offender or victim of illegal activity on your Wi-Fi network. To help secure your guest network, Wavecrest offers CyBlock Appliance—a turnkey, Web-security hardware solution that blocks Web sites, malware, IM, P2P, streaming, file sharing, and more. Some of the product’s features are summarized below. The CyBlock Appliance Approach Advanced Web Filtering With 70-plus standard content categories including cloud service categories and an unlimited number of custom categories, CyBlock Appliance provides threat protection for your guest network. IT administrators are able to block malicious Web sites as well as cloud applications and services that threaten the health of the corporate network. Direct Traffic Management With CyBlock Appliance inline in your network, you can filter all Web traffic flowing through both private and public Wi-Fi networks, that is, monitor managed as well as unmanaged devices. With the Direct Traffic feature enabled, policy settings can be applied to all direct traffic including guest network traffic. The proxy will see all Web traffic regardless if a proxy port is set in the browser. This is a necessary feature to redirect traffic from unmanaged devices in your guest network in order for the proxy to monitor and filter the Web traffic. Bandwidth Management With CyBlock’s Bandwidth Management feature, IT administrators can throttle guest network traffic by content category or group to optimize bandwidth usage, keeping important business operations running smoothly for the organization. A cloud service category detected as hogging bandwidth, such as Video
  • 4. Wavecrest Computing Securing Your Guest Network page 4 Streaming or Audio Streaming, can be blocked, or its bandwidth can be capped, limiting noncritical data usage. With tiered-threshold capability, the enterprise is able to implement several policies being as restrictive as necessary based on the amount of bandwidth being consumed. User Authentication Using a captive portal with CyBlock Appliance, guests are identified with a guest ID. The captive portal can be set up so that guests can access the corporate network by accepting the AUP. A wider range of devices in the organization, such as laptops, tablets, and smartphones, can be supported. With AUP Only authentication, guests will not be prompted to accept the AUP again until one hour after idle time or one day from AUP acceptance. The captive portal supports authenticating users who are filtered in transparent proxy mode as mentioned earlier with CyBlock Appliance inline. Captive Portal in Your Guest Network With CyBlock Appliance Summary With its easy setup, a captive portal is a feasible solution to secure your organization’s guest network. A captive portal works well for users who want to access your guest network with devices, such as laptops, tablets, and smartphones. It requires guest users to accept an AUP before they can browse the Internet. A good captive portal has the ability to provide a myriad of benefits to your guest network, such as monitoring unmanaged devices, throttling bandwidth, reducing legal liability, and much more. CyBlock Appliance minimizes the complexity of delivering guest access to the Internet for a broad range of mobile devices, helping to increase the productivity of both guest users and IT staff. CyBlock Appliance may be just the solution you need in deploying or updating your captive portal to secure your wireless guest network.
  • 5. Wavecrest Computing 904 East New Haven Avenue Melbourne, FL 32901 toll-free: 877-442-9346 voice: 321-953-5351 fax: 321-953-5350 www.wavecrest.net All specifications subject to change without notice. © Copyright 2016 Wavecrest Computing Incorporated. All rights reserved. About Wavecrest Computing Since 1996, Wavecrest Computing has provided business and government clients with reliable, accurate employee Web-access security, employee Web-use monitoring and analytics, and Cloud Access Security Broker (CASB) solutions. IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin® and CyBlock® products to manage employee Internet usage with today’s distributed workforce in mind–reducing liability risks, improving productivity, managing cloud services, saving bandwidth, and controlling costs. Wavecrest has over 3,000 clients worldwide, including Blue Cross Blue Shield, MillerCoors, National Grid, Rolex, Siemens, Superior Court of California, U.S. Dept. of Veterans Affairs, and a growing list of global enterprises and government agencies. For more information on our company, products, and partners, visit www.wavecrest.net.