Case study: easyHotspot Business
easyHotspot is perfect solution for companies when needed wireless or cable access for visitors, secured from the point of view of their Internet access and their connection to the internal network of the company.
Applications
Most business networks have security systems, procedures and limitations that implies access restrictions to certain destinations (sites not complying with company's activity or objectionable content) or to certain ports (eg the e-mail service of other servers). Also, the internal network is usually protected by enforcing procedures in the connected computers.
However, most companies need to offer its visitors access to Internet. However, the introduction of an external computer into internal network will deny all security measures, allowing uncontrolled access both its internal and Internet resources. Thus, to provide this service is also needed to control access to Internet connection for several reasons:
- A company needs to ensure that only its visitors use their Internet connection, not also computers in the immediate neighborhood (apartments in blocks neighbors, other companies have offices nearby, a.s.o.)
- the free wireless connection also means is impossible to identify user, which may give him the opportunity of using access to attack on other Internet sites, electronic fraud, other crimes, for which the connection owner could be liable.
- access is unrestricted, no password and no encryption. The advantage is that any connection is easy and transparent, without the need for additional knowledge from users or your staff. The downside is obvious, namely that all computers within a radius of 100-200 meters around the site can have free Internet access through your equipment, and your connection.
- restricted encryption key (WEP, WPA-PSK, WPA2-PSK). Advantage is that you control who connects to the access-point, but a relative advantage because the given password remains saved in the visitor's computer and can be reused and because, over time, any wireless connection using the security system can be decrypted, using specialized software. The time taken is not given password complexity, but the amount of traffic, the more traffic, the faster the decryption. Once decrypted, the connection can be used by the computers in the vicinity of location (see above). Disadvantage is that your staff should be enrolled for specific settings for different types of user equipment.
- restricted encryption key or WPA Enterprise WPA2 Enterprise (802.1x, implementing digital certificates). The advantage is that you control and secure all the people that connect to your access-point. The disadvantages are that your staff should undergo an in depth specialization about that system and specific settings for various possible types of communication different users' equipment and that you need a license server (RADIUS implementation or equivalent).
Optimization and securing using easyHotspot
easyHotspot address precisely these situations, enabling the easy use and no need for specific level knowledge of your employees, as well as a maximum security control connections all over your visitors.
Thus, easyHotspot equipment will either double the existing gateway connecting directly to the Internet through a connection or will be placed inside the corporate network, ensuring separation from internal resources. Your visitor will follow three steps for unrestricted Internet access:
- Any connection to the wireless network will be redirected to a page the user will be required an access code and will provide information about how to obtain that access code (IT department, other ways).
- Following the call of the visitor and using an unique user name and password, your staff will generate an access code. Access codes are generated according to different categories and can provide access for various time periods.
- Visitor will enter the access code and then can use Internet connection.