ebook img

Cisco IT Technology TutorialTechnology Tutorial Guest PDF

36 Pages·2009·1.77 MB·English
by  
Save to my drive
Quick download
Download
Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.

Preview Cisco IT Technology TutorialTechnology Tutorial Guest

Cisco IT TTeecchhnnoollooggyy TTuuttoorriiaall Guest Networking aatt CCiissccoo Oisín Mac Alasdair, Member of Technical Staff JJuullyy 22000099 Produced by the Cisco on Cisco team within Cisco IT © 2007 Cisco Systems, Inc. All rights reserved. Cisco Public 1 AAggeennddaa (cid:131) NexGen WLAN overview (cid:131) DDeessiiggnn ddeettaaiillss (cid:131) Adoption & benefits (cid:131)(cid:131) MMaannaaggeemmeenntt && ttrroouubblleesshhoooottiinngg (cid:131) Guest networking WWhhaatt iiss gguueesstt nneettwwoorrkkiinngg Cisco’s original guest networking solution CCiissccoo IITT’ss NNeexxGGeenn GGuueesstt NNeettwwoorrkkiinngg ssoolluuttiioonn Adoption & benefits Guest networking design considerations The future of guest networking at Cisco Cisco_NGGN_7-Jul-2009 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 2 WWhhaatt iiss gguueesstt networking? Cisco_NGGN_7-Jul-2009 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 3 WWhhaatt IIss GGuueesstt NNeettwwoorrkkiinngg?? (cid:131) Provision of network access, typically Internet access, to noncorporate users (cid:131) Differing service positioning Amenity Service differentiator SSecuriitty conttroll Revenue generator (cid:131)(cid:131) LLeeggaall lliiaabbiilliittyy pprrootteeccttiioonn aanndd aacccceeppttaabbllee uussee aa pprriimmaarryy driver Cisco_Enterprise_WLAN_-_BAE_EBC_06_Jun_2008 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 4 HHooww IIss IItt PPrroovviiddeedd?? (cid:131) Most commonly guest networking is provided through the “wireless hotspot” model (cid:131) Wireless service can be delivered via parallel guest nneettwwoorrkk oorr tthhiirrdd-ppaarrttyy sseerrvviiccee pprroovviiddeerr (cid:131) Some enterprises offer both wired and wireless guest nneettwwoorrkkiinngg (cid:131) Usually static FFiixxeedd SSSSIIDD ((wwiirreelleessss)) Fixed Ethernet ports (wired) (cid:131) TThhee ffuuttuurree lliieess wwiitthh ddyynnaammiicc nneettwwoorrkk aacccceessss ccoonnttrroollss and intelligence Cisco_Enterprise_WLAN_-_BAE_EBC_06_Jun_2008 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 5 GGuueesstt NNeettwwoorrkkiinngg SSoolluuttiioonn CCoommppoonneennttss (cid:131) A robust, enterprise-class guest networking solution hhaass tthhrreeee ccoommppoonneennttss:: Provisioning Portal EEnnaabbllee eenntteerrpprriissee uusseerrss ttoo ssppoonnssoorr vviissiittoorrss, eemmppoowweerr employees, create access tokens, distribute operational burden, etc. TTrraaffffiicc SSeeggmmeennttaattiioonn Ensure guest traffic is securely segmented from the corporate network (WLAN, LAN, and WAN) Access Control Provide welcome screen, ensure guests are approved, validate iiddeennttiittyy,, eettcc.. ((ee..gg..,, ppoolliiccyy eennffoorrcceemmeenntt)) Cisco_Enterprise_WLAN_-_BAE_EBC_06_Jun_2008 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 6 CCiissccoo’ss OOrriiggiinnaall GGuueesstt Networking Solution Cisco_Enterprise_WLAN_-_BAE_EBC_06_Jun_2008 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 7 OOrriiggiinnaall OObbjjeeccttiivveess aanndd CCoonnssttrraaiinnttss (cid:131) Build a policy and architecture in which: Non-Cisco visitors can access the Internet a) Where and when Cisco deems appropriate b) With Cisco's permission c) From Cisco’s infrastructure dd)) SSecure, autthhenttiicattedd, recorddedd Cisco_Enterprise_WLAN_-_BAE_EBC_06_Jun_2008 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 8 OOrriiggiinnaall AArrcchhiitteeccttuurraall OOvveerrvviieeww (cid:131) Dual BBSMs at 8 DMZ locations globalwide (cid:131) Internal web application ffoorr pprroovviissiioonniinngg gguueesstt accounts (cid:131) GGRREE ttuunnnneellss ffrroomm eeaacchh site to geographically appropriate DMZ (cid:131) No URL filtering, traffic monitoring, or logging (except guest and sponsor ID, session ssttaarrtt//ssttoopp ttiimmee, aanndd IIPP aaddddrreessss)) Cisco_Enterprise_WLAN_-_BAE_EBC_06_Jun_2008 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 9 OOrriiggiinnaall MMaannaaggeemmeenntt aanndd RReeppoorrttiinngg (cid:131) No centralized management capabilities (cid:131) Only partial integration into EMAN Alerting on BBSM status No IP address depletion alarms No web application status alarms (cid:131) However, robust IP2 User reporting On-demand report to identify guest ID, sponsor ID, session ssttaarrtt//ssttoopp ttiimmee, aanndd IIPP aaddddrreessss Used to identify source of illegitimate or prohibited traffic (malware, P2P file sharing, copyright infringement, etc.) Used only on request by Information Security team Cisco_Enterprise_WLAN_-_BAE_EBC_06_Jun_2008 © 2008 Cisco Systems, Inc. All rights reserved. Cisco Public 10

Description:
Cisco IT Technology TutorialTechnology Tutorial Guest Networking at Ciscoat Cisco Oisín Mac Alasdair, Member of Technical Staff July 2009
See more

The list of books you might like

Most books are stored in the elastic cloud where traffic is expensive. For this reason, we have a limit on daily download.