We all want high-performance, multi-gigabit switching. So, too, do hackers trying to siphon your corporate data...

Security and privacy are critical pillars – while the sheer volume and diversity of devices pose enormous challenges

Sponsored Since the World Health Organization declared COVID-19 a pandemic, businesses and organisations have struggled to adapt to the “new normal” in business operations connecting employees, customers, partners and stakeholders in the supply chain. Many business continuity plans have entailed intuitive self-service workflows with streamlined network on-boarding so users and endpoint devices can gain network access simply and securely.

High-performance access infrastructure enables enterprises to deliver great online experiences for remote workers. Security and privacy are critical pillars of superior user experience. But the sheer volume and diversity of devices that require network access pose enormous challenges for cybersecurity professionals.

The security risks of a multi-gigabit, mobile-first world have escalated with bring-your-own-device (BYOD), Internet of Things (IoT), and expanded threat surfaces exposed to new modes of cyber-attacks. Main threats include man-in-the-middle attacks that allow hackers to intercept traffic on poorly secured Wi-Fi networks. These attacks steal login credentials, financial information, or other sensitive business data.

More than 50 per cent of enterprise-generated data will be created and processed outside the data centre or cloud by 2022, according to Gartner. In other words, mobile devices have become points of entry for an attacker to gain access to sensitive data held on the device, in the cloud, or in the corporate network. This means that mobile security must operate not in a silo but in sync with other security products.

Secure access

This has driven CommScope Ruckus to dovetail secure network access for BYOD, guest users, and IT-owned devices with its multi-gigabit networking solutions that drive exceptional wired and wireless connections.

The CommScope Ruckus ICX fixed form-factor switches work seamlessly with Ruckus Wi-Fi access points (APs), Ruckus SmartZone network controllers and Ruckus Cloud to unify wired and wireless network access. SmartZone controllers simplify network setup and management, enhance security, simplify troubleshooting with online tools, and ease upgrades for networks built on Ruckus switches and APs.

Aligned with simple ways to improve security related to wired and wireless access, the CommScope-Ruckus portfolio of solutions bolsters data security with increased visibility and control over devices and users allowed on the network. These solutions include:

  • Secure on-boarding: Unlike cumbersome methods for network on-boarding and authentication, like MAC authentication and conventional pre-shared keys (PSKs), CommScope offers an easy, intuitive and purpose-built system for secure network on-boarding where users only need to go through the on-boarding process once without IT intervention.
  • Cloudpath Enrolment System: The system software or software-as-a-service platform streamlines network on-boarding for BYOD users, guests and IT-owned devices. IT teams can define and manage policies for role-based wired and wireless network access; hold granular control over what devices users can access on the network; and dramatically reduce helpdesk tickets related to network access. Cloudpath secures every connection with WPA2-Enterprise, encrypting and protecting data in transit between the device and the AP.
  • IoT endpoint on-boarding: In the face of a fragmented ecosystem of standards, devices and services, common IoT access consolidates multiple physical-layer networks into a single converged network. The CommScope Ruckus IoT Suite simplifies the creation of such an access network through the reuse of LAN and WLAN infrastructure, thus shortening deployment duration and reducing cost to support multiple IoT solutions. This concept has been applied across various verticals such as manufacturing, hospitality, healthcare and education.
  • Cloud: The Ruckus Cloud management and analytics is an artificial intelligence-enabled converged network management-as-a-service platform. Coupled with Cloudpath subscription, it provides administrators with a single-pane-of-glass view of all venues, as well as connected APs, switches and clients. Traffic to and from the cloud is encrypted while data stored in Ruckus Cloud is encrypted at rest.

Only AP, switch, and client management traffic are sent to the cloud but client data traffic is broken out to client-desired destination at local network and sent through existing firewall. Check out Ruckus Cloud privacy policy here.

With Ruckus Cloud and the infrastructure-agnostic Cloudpath software’s 802.1X certificate management, even small IT departments can remotely and easily add new users and wire-less APs connected with multi-gigabit switch; administer guest networks; and manage entire Wi-Fi 6-enabled buildings and campuses or multi-site deployments.

Enterprise-class availability

The Cloudpath system is supported across the Ruckus ICX switch family. Ruckus ICX switches, which are broadly deployed within the US federal government, support the most stringent security standards and encryption technologies. They are compliant with the following federal certifications: FIPS, Common Criteria, CSFC, and JITC. Each new release of the switch software is recertified by the relevant certification authorities on an ongoing basis.

To meet regulatory compliance and protect data in transit across both internal and external links, CommScope offers organisations a stackable switching solution that delivers encryption from the wiring closet. Dedicated encryption products are not needed.

For end-to-end data privacy, the Ruckus 7450 Service Module, for example, provides hardware-based acceleration (10 Gbps throughput) for IPsec VPNs using Advanced Encryption Standards. It offloads mathematically intensive processes so that the switch processor is freed to identify traffic for encryption, negotiate the security associations, and forward encrypted traffic. MacSec also protects large campus backbone communication on the ICX switch trunk side.

Further, a software-defined network controller with support for OpenFlow on the Ruckus ICX switches bring the benefits of programmatic control for higher levels of customisation, security and efficiency. Such flexibility and adaptability are a boon to robust communication networks that provide fast, reliable and secure Wi-Fi – essential during a pandemic like COVID-19. Wi-Fi must safely connect patients, doctors, and nurses to their loved ones without risk of exposure. Wi-Fi connectivity and network access have also become must-haves for students and remote workers who need to collaborate and complete critical assignments or jobs.

Sponsored by CommScope.

Biting the hand that feeds IT © 1998–2021