To be connected, always and everywhere, it is highly recommended to have a sufficient amount wired and wireless connections in a campus infrastructure. Within the area of secure infrastructure, those requirements are met by a diversity of appropriate solutions such as LAN switches, data center fabrics, wireless access points and controllers. The premise is that the need for connectivity with a secure by design basis. The right components and features are selected from an enterprise security architecture principle.
The need for infrastructure to provide connectivity between the client and the application servers is not new and has existed for decades. The continuous developments to deliver smarter, more efficient solutions with increased flexibility, functionality and manageability offer new opportunities for enterprise organizations.
Developments and needs such as Power over Ethernet (POE+), “new style” high availability (no Spanning Tree), stacking of bandwidth (Aggregated Links), identity aware access (802.1x), programmable systems (SDN), scalability, simplification of operational management etc. require a regular renewal of the LAN and data center infrastructure. Especially the need of network virtualization arises to serve the Defined Data Center (SDDC) architecture.
As security is increasingly integrated in the LAN and often on Layer 2, it is important to look at the connectivity AND the functionality to ensure safety and availability (DHCP spoofing, dynamic ARP inspection, Private VLANs, IP source guard, Rate Limiting, Storm Control, etc.).
- Lower power consumption
- More bandwidth / capacity
- Single Operating System
- Phasing Spanning Tree
- Non- overbooked design
- High availability in an Active Setup
- Integrated Security
- Network Virtualization
- Programmability (puppet , open flow)
- Integration of voice / data on single interfaces and optionally both “tagged “
- Lower TCO
Wireless is now available within most enterprise architectures. How and for whom is less evident however. In the recent years, there have been quite a lot of developments, some still ongoing, in the area of access points; multiple radios, new technologies such as 802.11ac, smart functions for roaming and radio management, control and traffic management (including security) via a central controller, or via a controller-less design, to name some.
The creation of a wireless infrastructure seems simple, but practice has taught us that in addition to choosing the right vendor, a lot of experience and expertise is needed to realize a good wireless architecture.
An ingenious coverage plan, a degree of high availability, the right capacity (in bandwidth and number of users) and functionality are a few conditions for offering a secure wireless in an enterprise environment. That obviously needs to be combined with user authentication for both guests and employees on BYOD, and corporate devices before allowing controlled access to internet or business applications.
At SecureLink, we work with a wireless vendor that develops all products from a security persepective.
- More bandwidth per user
- Authenticated access
- Central controllers or controller-less
- Increased wireless coverage
- Application of new wireless standards
- Scalable and highly available concept
- Integrated Security
- Location based services
- Classification for users and device context
- Integration of voice / data
- Wireless as a Service (WAAS)