UPNs monitor entry points

Network administrators are being called on to effectively handle traffic originating from within the network while at the same time protecting those resources deemed necessary by the business. One solution to this problem is user personalized networks (UPN), which handle authentication and authorization at the user’s point of entry into the network.

This approach can go a long way in securing the system from internal attacks by allowing for authentication at the point where a user or device connects to the network.

Kelly Kanallekis, director of technology for Enterasys Networks in Mississauga, Ont., said the concept of UPNs is that, “in an organization there are a bunch of different systems that do different things. When a user logs onto the system, the system recognizes them and gives the user personalized settings. UPN brings that function to the network.”

The system knows which parts of the network a particular user can access, and after authenticating and authorizing the user, it can tap into that “intelligence” and give access to users from any device.

“There is one central place that understands the system and how each person can access it. UPN taps into that place using the 802.1x standard (which defines port-based network access controls), which allows a computer to authenticate to the network,” Kanallekis said.

A UPN also limits what traffic can get into the network by creating an intelligent perimeter, which can adapt to the needs and security requirements of the user.

Enterasys created a UPN based on the idea of directory-enabled networking, an idea Kanallekis said never seemed to pan out. But when one Enterasys director went for lunch with a colleague from Microsoft, the idea came back to the forefront.

A UPN allows access to the network for the services that are needed – and only for those services – by limiting the type of traffic permitted according to the user’s authentication.

If a user is not recognized by the network, Enterasys’ UPN simply will not allow sign-on. “The network will throw away the traffic an unauthorized user tried to generate,” Kanallekis said.

This type of network security is completely mobile, as it is based on authorization credentials that can be entered from any machine.

Brian Young, vice-president and CIO at Hobart & Williams Smith Colleges in Geneva, N.Y., said the UPN solution is ideal for the educator’s system as it allows for tools to be built on top of it, but also for students to access it from anywhere on any device.

“This is allowing staff and students to tunnel in securely from home,” Young said, adding that users do not have to be well-versed in networking to deploy these types of networks.

At the moment, the college is only deploying the network to its summer students and staff, but Young did not foresee any problem moving this system to fit the larger numbers of students who attend the schools during the regular school year.
