Overview
Advantages
Applications
Entire Enterprise Rollout
Guest Access
Migration to 802.11n
Migration from Legacy Autonomous APs
Mission-Critical Networking
Secure Enterprise WiFi
Voice over Wireless LAN
Case Studies

Solutions > Applications > Guest Access

Guest Access

Guest access has proven to be popular with enterprises as a way of providing customers, vendors, consultants, and other corporate visitors with Internet access. This is offered as a convenience and a way to make the meetings or engagements at corporate as productive as possible, with the guests able to access email or websites during their visit.

With these benefits also come some concerns regarding the ease of use, the security and legal liabilities of the guest access system. Wireless LANs are a natural fit to provide this access as organizations don't need to provide Ethernet connections in every location, users do not need to bring cables, and today virtually all laptops ship with integrated wireless networking. There are also concerns that these guest users should not have any access to sensitive corporate resources and that they should abide by the company's terms of use for Internet access.

Aerohive Networks cooperative control architecture is able to address all of these concerns with a simple and flexible approach.

Users can associate with a guest specific SSID and can be assigned the default policy for the SSID or be assigned more granular user profile specific policies based on attributes supplied by RADIUS if guest user credentials are supplied. The HiveAP can present them with a captive portal web page that can be used to capture and log information about guests and require them to accept the company's terms of use before being given access to the Internet. Guest traffic can be isolated in one of three ways. SSID settings and policies for guest access can assign users to a guest VLAN. Alternatively, or in addition to using VLANs, HiveAP's can tunnel their traffic directly to the Internet DMZ. Finally, security and QoS policy enforcement of the guest user is performed at the HiveAP that may optionally be used to restrict guest access to only the Internet or other authorized resources, limit their bandwidth, and prevent layer 2 through layer 4 denial-of-service (DoS) attacks that could otherwise consume valuable air time and resources.

Aerohive Networks unique cooperative control architecture and cooperative control APs can deliver this level of flexible identity based policy without the need for a centralized controller and in networks as small as a single access point. This significantly reduces the cost and complexity associated with providing this service to non-employees working within the enterprise.

back to top | Return to Solutions Applications >>

Aerohive Corporate Brochure
The Economics of Cooperative Control - Protocols are Free
Cooperative Control Architecture Whitepaper
SLA Compliance: Wireless Fidelity Achieved Whitepaper
Home    Solutions    Products    Resources    Support    Partners    Company    How to Buy    Contact