Wireless guest access gets security boost

An access control product from Bluesocket makes it easier for network admins to provide secure and differentiated guest access to wireless networks and manage traffic flow.

When guests want to access a corporate wireless network, the IT department usually has to set up user accounts that give visitors either Internet access only or free reign across the company's entire network.

The process is labor intensive and could pose a security threat if a guest can access sensitive information.

Now network admins have one less thing to worry about. Bluesocket Inc., a mobile security vendor based in Burlington, Mass., this week introduced the Enhanced Guest Services update to its line of BlueSecure Controllers. The enhancement makes it easier for admins to provide secure and differentiated guest access to a corporate wireless network and manage traffic flow.

Companies can chose who hops onto the wireless LAN, how long they can access it and exactly what information they can reach -- all with the push of a button.

Dave Danielson, Bluesocket's vice president of marketing, said the update protects against "freewheeling guests" that jump onto a wireless network for free from nearby locations.

It also lets companies assign random usernames and passwords to approved guests -- Danielson calls them "trusted guests, known guests, controlled guests" -- that allows specific access to the wireless network.

"It gives them the ability to create guest accounts on the fly," Danielson said.

A one-click interface, called a "reception console," allows a receptionist or security guard to set up a random username and password for a guest. The password is required for network login and is valid for a preset length of time.

Another function, called "batch mode," lets the IT department create a group of pre-printed guest accounts that can be handed out when a permitted visitor enters the building. Those accounts can vary, depending on each guest's level of access and usage rights.

For more information

Read our story about why wireless LAN doesn't mean worriless LAN

Check out technical tips for wireless authentication

The function also allows delayed account activation, in which accounts can be set to activate upon a visitor's first login. For example, the clock doesn't start ticking on a 24-hour account until the guest first uses the password. The IT department has the ability to terminate the account at anytime, meaning access can be restricted after 5 p.m. when a company closes.

"If you don't authenticate, you're not getting into the network," Danielson said. "You're accommodating guests, but you're not doing it in a wide-open fashion."

Danielson said the enhancement works best in places like hospitals, where the facility wants to accommodate patients' visitors and allow them wireless access, but doesn't want a person in the coffee shop next door to be able to get onto the network as well. Along with the healthcare industry, Bluesocket has customers in the enterprise, education, government, library and public-access markets.

Danielson said the enhancement lets companies "simplify and control guest access," while reducing the workload for network managers. Danielson said security polices for controlling guest behavior while they're on the network can be set up quickly and easily.

"From an IT operational standpoint, there is no pain," he said.

This article originally appeared on SearchMobileComputing.com.

Read more on Wireless networking