12 requirements for next generation network access technology
NCP engineering has developed a blueprint for next generation network access technology. The roadmap details the 12 essential components organizations need to secure their networks, foster productivity across a distributed network and streamline central management policy, while meeting compliance mandates.
1. Central Management
Central management of all user components is a basic requirement of new VPN solutions. With a single point of administration, only one user interface is needed for the dialer, VPN client, personal firewall and WLAN-login, and only one console is needed for the VPN gateway, certificate authority and LDAP console, endpoint policy and software distribution console. Central management simplifies mass-rollouts, and eases the administration of user-related data, integrated personal firewalls, removed VPN gateways, software updates and certificates. It can also reduce training expenses for administrators and users.
2. Network Access Control
Endpoint policy enforcement is another essential functionality for the implementation of next generation network access technology and endpoint security. With users able to manipulate security safety guidelines, administrators must check all relevant parameters before giving access to the network system. This control forces users who do not fulfill safety guidelines into a quarantine zone.
3. Strong Authentication
Strong authentication procedures are critical to the implementation of a next generation network access technology. It is no longer sufficient to allow access to a company’s network system through user names or passwords, for both can be easily spied out by hackers. System administrators must apply authentication tools, including OTP-Token, OTP Mobile, digital certificates and biometric technology.
4. Open Standard Interface
Next generation network access technology must be able to support all relevant operating systems (e.g. Windows XP 32/64, Vista 32/64, Windows Mobile, Symbian) and VPN gateways (e.g. Cisco, Checkpoint, Watchguard). An open standard interface reduces organizations’ administrative burdens as well as overhead costs.
5. IPSec and SSL Hybrid Support
It is necessary for enterprises to have secure external company communication in every remote access environment, with and without VPN client software. Regardless of whether IPSec or SSL technology is applied, next generation network access must control both simultaneously. Administrators can enable mobile employees to communicate, either fully integrated in a centrally managed IPSec VPN (Intranet) or be connected “clientless” to the company’s network.
6. Personal Firewall
An integrated, dynamic personal firewall is key component for the next generation of network access technology. With a firewall setup, the administrator can select the best control installation for ports, IP addresses, segments and applications. The administrator can also automatically distinguish between safe and unsafe networks, as well as activate and deactivate appropriate firewall regulations.
7. Compliance
Next generation network access technology implementations can help organizations achieve and fulfill all regulatory compliance objectives, such as data protection. The solution must be capable of transparently recording all security data and generate audit-safe reports for appropriate company departments.
8. Integrated Dialers
All dialers for different access scenarios, such as WLAN, UMTS, hotspot, GPRS and modem, are integrated into the VPN system. With dialing parameters centrally managed, blocked and unreeled, administrators can prevent users from working with different software interfaces.
9. Automated User Access
Automated user access allows administrators to effortlessly integrate new users and department connections into the VPN system. This flexible and scalable component also connects remote users by transferring personnel data records.
10. User Permissions
Entered and only changeable by the administrator, user permissions are a necessary requirement for enterprises. Parameters can be configured depending on a user’s knowledge or a company’s policy user rights. Administrators prevent subsequent manipulation, whether intended or through error, and reduce users’ needs for helpdesk support.
11. IT Integration
Smooth integration into existing IT territories is essential. By implementing VPN solution standards, organizations can protect its infrastructure investment and assure a high integration capability.
12. Long-Term Development
Enterprises must ensure that its next generation network access technology has no restrictions in relation to new operating systems and infrastructure migrations. Administrators must take both the near and long-term safety of the solution into consideration.