We recently completed an interesting project for an international bank that wanted to increase internal network security across its entire network – including wired IP phones and printers, as well as wired and wireless user access.
To talk technical for a moment – this involved replacing all LAN port switches with EAP enabled devices so that all ports enforce authentication prior to enabling network traffic. The EAP enabled LAN switches are configured for EAP RADIUS with Radiator as the central RADIUS server. All desktop and laptop PCs are configured for PEAP authentication and all computer users are authenticated against Windows Active Directory. The same EAP restrictions are applied to IP phones and printers.
The outcome is that the bank now authenticates all users and devices connected to wired ports or to wireless access points, all using the same user security database. This gives any and all attempts at access to the network the same security status and prevents misuse of LAN ports normally used by phones and printers.
We expect that most organisations will be moving to secure their wired and wireless network in this way over the next few years and Radiator provides the flexibility needed to inter-operate with the wide range of devices and authentication methods found in modern networks.