The Nomadix Access gateway will keep your network secure from untrusted users and unwanted guests, while removing the time-intensive task of configuring every guest’s PC to match the settings of the enterprise network.
Below are the benefits of the Nomadix Access gateway when used in conjunction with Virtual LANs and firewalls to ensure secure enterprise networks.
Securing the Network
A Virtual LAN (VLAN) is a logical network that can be created and secured from other logical networks on the same network LAN device, such as an Ethernet switch. The Nomadix Service Engine™ (NSE) can track the location from which each user has requested network access by the user’s unique VLAN identifier (ID). By using this method of user identification, the NSE can effectively manage secure access to the network.
Network Security and Plug-n-Play Access
Deploying a firewall in a network enables the network to be kept secure from unknown and unwanted users. The firewall can consist of a single router that filters out unwanted packets or may comprise a combination of routers and servers each performing some type of firewall processing. Firewalls are widely used to provide users with secure access to the Internet as well as to separate a company's public Web server from its internal network. Firewalls are also used to keep internal network segments secure. For example, it is usually desirable for the accounting servers and network to be kept secluded from the rest of the enterprise network, ensuring all unauthorized access is blocked.
The following are some of the techniques used to provide firewall protection, along with the advantage of the NSE.
Packet Filter
Blocks traffic based on a specific Web address (IP address) or type of application (e-mail, FTP, Web browser, etc.), which is specified by port number. This is also known as a “screening router.”
Network Address Translation (NAT)
Network Address Translation (NAT) is an IETF standard that allows an organization to present itself to the Internet with one address, which is translated to many IP addresses internally, typically one per client computer. NAT also serves as a firewall by keeping the users’ individual IP addresses hidden from other networks by using private IP addresses that are not known to the outside world.
The NSE contains Nomadix’ patented Dynamic Address Translation™ (DAT) technology to keep internal network users secure from an external attack. DAT also enables the guest to get connected to the network without changing any configuration setting in their computer. The NSE also contains a URL Filtering feature that provides an additional level of security by defining which Web sites the network’s users cannot gain access to, enabling up to 300 URLs to be blocked.
DAT was designed to eliminate IP configuration issues and their associated technical support calls and site visits, allowing IT administrators to deploy guest access without wasting valuable IT time and resources in providing this service to their partners and customers. Simply put, with Nomadix DAT technology in the network, guest users can run their computers in any configuration and still gain access to the network. This is a vast improvement over standard networks, where every computer must be assigned several specific settings to enable the user to access the network. As DAT performs translation much like ‘basic’ NAT, it provides the same level of user security.
Typically, without DAT the following settings must be configured:
IP Address — Unique identifier that allows traffic to be routed to the computer.
Subnet Mask — Parameter that defines the size of the network segment on which the computer resides.
Gateway Address — The network location of the gateway (router) connected to the Internet.
DNS Servers — Addresses that specify the location of the Domain Name Servers for the computer. These servers translate names such as www.yahoo.com, entered by users into their browser, into an IP address such as 216.24.105.223 that computers use.
In a non-Nomadix-enabled network, every one of the above settings must be correct in order for a guest’s computer to gain access. For example, if a laptop computer that is statically configured for an office location is moved to a home network location, it will be unable to access the home connection because the network settings differ between locations. This forces the user to maintain knowledge of these technical settings and change them whenever they move between locations.