Cloudpath Networks Intros Automated Device Enablement Framework
Cloudpath Networks has introduced the XpressConnect Enrollment System 3.0, an automated device enablement (ADE) platform that combines secure device onboarding and certificate management.
ADE provides infrastructure-based control and security for both personal and IT-owned devices without the need for on-device agents. Modeled after carrier networks, ADE uses smart, policy-associated certificates to provide visibility and control over every device starting at the WiFi layer and working upward. With the XpressConnect Enrollment System, enterprise environments can selectively enable services and capabilities on a device-by-device basis for a spectrum of users, including guests, contractors, BYOD and IT. IT can visually monitor devices and their associated policies in real time from a single dashboard.
The ADE framework is designed according to six key premises, according to the company:
- Every device should have secure, encrypted connectivity, even if that connectivity is Internet-only. A device without connectivity is worthless; a device with unencrypted access is dangerous; and a device with secure connectivity has value.
- WiFi is the new hub for the enterprise. Enterprises should handle guests, contractors, partners, suppliers, BYOD, IT and more in a consistent, secure and effective manner.
- The days of "one user equals one device" are over. Today's graduates (and tomorrow's employees) now regularly use four to five WiFi devices. With multiple devices, use patterns change. Environments should handle both low-value/low-risk devices and high-value/high-risk devices in a manner that efficiently captures the potential value from each device.
- Begin with least-privilege access and build upward. The highest volume of devices will need least-privilege (typically just Internet-only secure WiFi access). Be sure to tackle these in a cost-effective and user-friendly manner. As you move up the privilege ladder, ensure that the value of the additional privileges is greater than the associated costs (IT overhead, risk, user perception, etc.).
- Tread lightly on personal devices while maintaining security appropriate for the device's use. Infrastructure-based control helps maintain consistency across the fragmenting device landscape. Standards and existing protocols are preferable to proprietary agents and apps.
- Plan beyond the network. WiFi is the starting point for services, but devices commonly need access to other services, such as VPNs, web proxies, e-mail and websites (single sign-on or two-factor). Environments should ensure that each device is automatically enabled with the appropriate services and capabilities to match both IT policies and the device's intended use.
For more information visit the Cloudpath site.
About the Author
Rhea Kelly is editor in chief for Campus Technology, THE Journal, and Spaces4Learning. She can be reached at [email protected].