Public internet access: who is responsible?
In the first of a series of articles looking at business issues faced by IT managers, we look at the steps companies need to take if they open their networks up to visitors.
According to Maurizio Taffone, a business development manager at Cisco, around half of the vendor's customers want to provide managed access to their network. The others, primarily those that own public buildings, either grant no access or bring in a commercial service provider.
Taffone says that the demand for Wi-Fi access remains high, even though in Europe consumers and business users increasingly carry 3G-enabled devices or dongles.
However, Wi-Fi has now largely replaced demand for guest access to wired networks, because of Wi-Fi's greater flexibility and economy in multi-user environments. "The speed gulf between Wi-Fi and fixed networks has also narrowed," he says.
The first step businesses need to take is to separate out guest users from the corporate LAN, and ideally, from each other.
Companies running large public facilities or venues might also want to create separate access rules for internal or company visitors, contractors, and for paying hotspot users, and assign different classes of service, bandwidth and controls to each.
Businesses might reasonably ask that contractors who are on site for a period of time and who might need some access to internal network resources, for example printers to have up to date security software in place, and maybe even allow their machines to be scanned.
Such measures are not practical, though, for guests given access as a courtesy or on a commercial basis. This means that quite granular network controls are needed, along with security "postures" for each class of user. This goes beyond simply setting up separate SSIDs for guest and internal use.
Get the ITPro. daily newsletter
Receive our latest news, industry updates, featured resources and more. Sign up today to receive our FREE report on AI cyber crime & security - newly updated for 2024.
According to Scott Reeves, technical director for Ruckus Wireless in Europe, the Middle East and Africa (EMEA), such postures often manifest themselves by blocking services. Some hotels, for example, block voice calls over Skype but allow instant messaging.