Thursday, 03 May 2018 08:22

4ipnet Authentication Flow on Controller

With support for authentication, authorization, and accounting (AAA), the controller allows network administrators to effectively manage network access, control network usage and monitor user activities. The following flowchart help readers to understand the  order in which authentication methods are presented on the controller, so they could better plan the authentication methods they’d like to leverage as well as better understand how they could troubleshoot if necessary.

Furthermore, as will be seen from the flowchart, a variety of authentication methods are available on the controller for network access control, including web-based, 802.1X, WISPr and MAC authentication.How each authentication method works and where to configure its settings are also explained.

1.Authentication Flow on Controller

 

As can be seen from the flowchart, the authentication flow on the controller goes in the general order of MAC Access Control List > Privilege List > Walled Garden > Non-web Authentication > Web-based Authentication. For all clients, MAC Access Control List (ACL) is the first “gate”. When MAC ACL is enabled, if a client device is not on the Allow List or if it is on the Deny List, it would not be able to obtain a DHCP IP address, and thus would not see the Login Page and be denied network access through the controller.Clients can be granted network access directly based on their MAC address and/or IP address through the MAC/IP Privilege List. Note that clients authenticated through this method would not appear in “Online Users” but in “Non-Login Devices”.

 

http://applicom.net/administrator/index.php?option=com_k2&view=item&cid=4#

2.Authentication Methods

2.1 MAC Access Control List (ACL)

MAC Access Control is used to grant or deny permission to access the User Login Page. As mentioned earlier, if a client device is denied access to the network based on this list, it would not even obtain a DHCP IP address and thus would not be able to access the Login Page.When the List Type is “Allow”, the list can be considered as a whitelist because only the MAC addresses on this list can access network. When the list type is “Deny”, the list can be considered as a blacklist.

“Allow” type is usually used for closed systems.

 

2.2 IP Privilege List

IPv4 addresses of client devices can be added to the IP Privilege List so that these devices can be granted network access without login. Each device/IP address can be assigned to a Group so that Group Policy can be enforced on the device. For each entry on the list, the client device’s MAC address can be optionally added to bind to its IPv4 address.

IP Privilege List can be used with client devices having static IP addresses. Alternatively, it can be used with a DHCP server for assigning DHCP IP addresses to client devices.

2.3 MAC Privilege List

MAC addresses of devices can be added to the MAC Privilege List so that these devices can be granted network access without login. Note that Default Policy (excluding QoS) of the particular Service Zone will be enforced on clients authenticated this way. To configure Default Policy, go to System > Service Zone > Service Zone Configuration, and disable Authentication under Authentication Settings to reveal Default Policy. Note that this Default Policy still applies even when Authentication is set to “Enable”.With IP Privilege List, IP address based Group Policy enforcement can be achieved. However, with MAC Privilege List, QoS in Group Policy cannot be applied. Thus, to achieve MAC address based Group Policy enforcement with QoS, one can combine the use of IP Privilege List with DHCP Reserved IP List

2.4 Walled Garden List

Client devices can access destinations on the Walled Garden List without login, where the destinations are defined by their domain name, IP address or subnet.

Traffic to Walled Garden List can be blocked by User Firewall Rules under Policy.

2.5 802.1X Authentication

802.1X authentication is to be used in conjunction with back-end authentication server configured on the controller. When enabled, if the connected device has its credentials stored on the back-end server, the controller will automatically authenticate and grant network access to provide transparent login.

For 802.1X authentication, the controller must be the RADIUS server configured on the AP (or switch).

2.6 MAC Authentication

MAC Authentication is to be used in conjunction with a RADIUS server configured on the controller. When enabled, if the connected device has its MAC address stored on the RADIUS Server, the controller will automatically authenticate and grant network access to provide transparent login.

2.7 WISPr Authentication

Similar to WebSheet (Captive Network Assistant) on iOS devices, some devices have built-in Smart Client. The Smart Client will detect if the WLAN is a Captive Network by sending requests to a URL as defined by the manufacturer. When WISPr authentication is configured and the Smart Client on a client device is connected to the WLAN, the controller will automatically authenticate and grant network access to provide transparent login for the device.

Some Android devices do not have built-in Smart Client. For Windows systems, built-in Network  Connectivity Status Indicator (msftncsi) is available for Windows 7 and above.

2.8 Web-based Authentication

If client devices cannot be granted network access by all of above methods, a browser or browser-like may pop up, or the user has to open browser to visit a web site then redirect to login page (Captive Portal).

Web-based authentication also called Universal Access Method (UAM).

3.Configurations

3.1 MAC Access Control List

a. Go to User > Additional Controls, scroll down to “MAC Access Control List” and click “Configure” to enter the configuration page.

 

a. Click “Add MACs” to start adding entries to the list. 

c.Enter the MAC address(es) of the client device(s) and click “Apply”.

d.Select List Type “Deny” and click Apply. As mentioned earlier, client devices with their MAC addresses on the Deny List would not be able to 1) get a DHCP IP address from the controller, 2) access the Login Page; and 3) have network access through the controller.

3.2 IP Privilege List

a. Go to Users > Privilege Lists > IP Privilege Lists, click “Add”.

b. Enter the client device’s IP address and click “Apply”. The device can access the network without redirection to login page, and be authorized based on its Group Policy. However,only Firewall, Session Limit, QoS and Specific Routes will apply.

3.3 MAC Privilege List

a. Go to Users > Privilege Lists > MAC Privilege Lists, click “Add”.

b. Add the client device’s MAC address to the list and click “Apply”. The device with this MAC address can access network without redirect to login page.

3.3.1Example: MAC Address Based Full Group Policy Enforcement (with QoS)

A client device will be given MAC address based privileged network access in multiple Service Zones with full Group Policy enforcement (with QoS). The client device will have Privilege IP Addresses of 192.168.1.10 in the Default Service Zone, 172.21.0.10 in SZ1 and 172.22.0.10 in SZ2, respectively.

a. Go to System > Service Zone > Service Zone Configuration > DHCP Configuration > Reserved IP Address List in the Default Service Zone, add an entry with a Reserved IP Address of 192.168.1.10 with a MAC Address of AA:BB:CC:DD:EE:FF.

b. Go to the Reserved IP Address List in SZ1, add an entry with a Reserved IP Address of 172.21.0.10 with the same MAC Address.

c. Go to the Reserved IP Address List in SZ2, add an entry with a Reserved IP Address of 172.22.0.10 with the same MAC Address.

d. Go to Users > Privilege List > IP Privilege List, add multiple entries with the same client device’s MAC address binding to different Privilege IP Addresses for different Service Zones.

3.3 Walled Garden List

a. Go to Network > Walled Garden, click “Add”

b. Add the domain name, IP address or subnet of the desired destination to the list and click “Apply”. Client devices can go to these destinations without redirection to the Login Page

c.Go to System > Service Zone > Service Zone Configuration, scroll down to “MAC Authentication” of Service Zone and Enable this option. By default, the back-end RADIUS server is “Server 2” (Configured in the Auth. Option for RADIUS).

3.5 802.1X Authentication

a. Go to Users > Authentication Servers, click Server Name “Server 2” in this case.

b. Configure Authentication Option. The postfix is “example.com” in this case.

c. Go to Users > Internal Authentication > RADIUS, configure RADIUS Server settings.

d. Enable “802.1X Authentication” and click “Apply”. Then, go to “802.1X Settings”.

e. Add the subnet or IP address of the 802.1X authenticator (AP or switch) to the RADIUS Client Device List, and select default RADIUS server for the client credential only with ID (without the email-like postfix “@example.com”).

f. Configure control as RADIUS server in AP, and security should be WPA2-Enterprise

g. When client device connected to the WLAN, the controller will automatically authenticate and grant network access to provide transparent login.

3.6 Walled Garden List

a. Go to System > Service Zones. In this example, “Default” Service Zone is selected. 

b. Scroll down to “MAC Authentication” of Service Zone and Enable this this option. By default, the back-end RADIUS server is “Server 2” (Configured in the Auth. Option for RADIUS).

c. Go to Users > External Authentication > RADIUS, enter settings of RADIUS server.

d. When the connected device has its MAC address stored on the RADIUS Server, the controller will automatically authenticate and grant network access to provide transparent login.

3.7 WISPr Authentication

a. Go to System > Service Zones > Service Zone Configuration, configure WISPr Settings

b. Enable WISPr Smart Client and enter related parameters

c. When Smart Client on a client device is connected to the WLAN, the controller will automatically authenticate the device and grant network access to provide transparent login.

 

Monday, 06 March 2017 05:55 Written by

SharePoint Services Dubai

Are you aware of SharePoint development? Are you planning to set up a SharePoint app for your business? Did you know the benefits of the same? If the answers are YES, you are at the right place, as this article tells you how beneficial it is to build a SharePoint application for your business.

Who doesn't know about SharePoint!! Businesses have succeeded and attained goals because of SharePoint. It is one of the best platforms to build websites and applications. The field of Sharepoint application development is advancing day by day. With the increase in popularity, it is being used extensively across the world. Well, the reason behind this popularity is its handful of benefits.

sharepoint dubai

This article will not be enough to mention the benefits of SharePoint.It is one of the best platforms that facilitate knowledge sharing and team working and improves business intelligence. SharePoint also increases efficiency and enables legal compliance. Moreover, it improves productivity and management control.In addition to that, it also provides simplified data structure.

The best thing about SharePoint is that it provides information security and guarantees integrity. The users can stay updated, providing solutions as per the requirements. Apart from these, it lets the users share the documents at ease and finding out the documents are also easy.It is easy to manage and comes with high security. In short, it encourages innovation that leads to better business outputs. 

Applicom, a leading IT company in Dubai, UAE offers SharePoint development, migration and support services in Dubai and entire UAE.

SharePoint enhances the user experience by making it simple and consistent thus the day to day business activities are also simplified. It not only helps the employees to get information easily but also fastens up the shared business processes. It is one of the safest and secure platforms to opt for, as it shares without revealing the confidential data. This single integrated platform helps employees to make the decisions in a better way.

Sharepoint web applications benefit every department in an organization. Here are some examples: 

 Human Resources: Integrate with your existing systems to allow employees to submit forms such as expense reports and leave requests electronically.

 Health, Safety, and Environment: Report, investigate and resolve HSE incidents as they happen and view data on real-time dashboards.

 Learning and Development: Manage training requirements for all employees and allow them to take online assessments using an E-Learning portal.

 Legal: Collaborate on contracts with your team and automatically route finalized documents to the appropriate people for approval.

 Supply Chain and Logistics: Schedule and track shipments, receive alerts on items awaiting action and late shipments.

 E-Procurement: Manage the entire procurement process from supplier registration to tender bid submissions. Allow suppliers to log on an E-Procurement portal to view tender documents and submit bids.

 Asset Tracking: Track inventory along with certification expiry dates and receive alerts when a piece of equipment is due for re-certification.

 Maintenance: Manage maintenance requests and track hours and parts used in each job.

 Marketing: Integrate with your existing ERP to display customized dashboards showing live data

 IT Support Help Desk: Manage IT support requests and route cases to appropriate people in the support team.

 

Now that you are aware of some of the most important benefits and uses of SharePoint, it is advisable for you to choose it for your enterprise. There are a lot of companies that provide SharePoint application development services, so you must hire the best one for the complete research. 

APPLICOM’s development team is involved in all the stages of the software development lifecycle including, business analysis, design, implementation, quality assurance and project management. APPLICOM software engineers follow best practices, Agile software development methodologies, and test-driven development. APPLICOM development team has advanced expertise in C, C++, C#, Java, Objective-C, HTML5, JSP, Javascript, CSS, PHP, MSSQL, and mySQL. 

Request Consultation

Last modified on Thursday, 03 May 2018 08:22
Sunday, 05 March 2017 07:46 Written by

Contact Center Solutions Dubai

Customer support has become more complex and challenging than ever before.Applicom Dubai offers contact center solutions, which is easy to integrate and deploy. Our contact center/ call center solutions will take your customers to the next level. Since technology has fostered higher expectations among customers. Your agents can obtain the data needed to deliver and your customers can enjoy the benefit of better communications and faster response. A contact center is also known as call center and serves the integral role of every business.A contact center typically includes one or two call centers and is considered as the essential element in multi-channel marketing.

Without the right tools and technology in place, agents lose precious time – and customer goodwill -- as they switch between traditional phones and desktop computers to resolve issues. When business expands to various locations, agents may find it more difficult to handle questions if subject matter experts are based in other cities, work from home or are simply on the road.

contact center solutions

Our Contact Center Solution Features

We provide top-notch contact center solutions that come with advanced features to effectively manage you contact center. Our Solution is designed in a manner to understand what is happening with calls and focus trends over time to ensure efficient operations.We help you build your contact center equipped with features that deliver efficient and effective service to their customers. 

If your contact center staff is spending more time than necessary jumping between tasks or your callers are experiencing longer wait times, use today’s technologies to increase efficiency and meet customer expectations. All you need is to identify areas for improvement.You can start that by interviewing you contact center staff. Using their feedback, you can implement necessary changes.

Step Up Call Routing

Call routing and grouping are mainstays of contact centers, but used strategically they can help resolve issues quickly with the least amount of agent intervention. For example, a business may have two call centers, each offering different levels of service. When a call comes in, the system automatically deciphers where to send the call. VIP customers may get connected immediately with personalized white-glove service, while others are directed to self-service. Agents spend less time on routine calls and more time using their expertise to solve complex problems for key clients.

Enable Mobility

Remote and traveling staff rely on their smartphones to connect with the home office as well as clients wherever they’re located. By enabling mobility for your contact center, an agent can reach field personnel at critical moments, even if they’re sitting on an airport tarmac. Mobility also creates a seamless – and more positive – customer experiences. For example, local support agent Jane is based in San Diego in a home office. But anyone calling the Wichita headquarters will know her only as extension 3452.

Integrate Customer Data

Call centers present a significant opportunity for driving new revenue. But without customer data integrated into the phone system, employees lack the information they need to identify and close opportunities. By tightly integrating CRM applications into your contact center, you can deliver a significantly higher level of personalized attention to callers and increase the revenue opportunities for your team.

Enhance Reporting

You can’t improve what you don’t measure. Seeking feedback from employees is a good first step toward tailoring the contact center to the way they work, but activity data is vital for continued improvement. With sophisticated reporting tools, customer service managers can identify the source of bottlenecks and breakdowns more easily, enabling them to align processes more closely with the way employees work. For example, reporting data may indicate that agent time can be reduced if calls are divided and routed according to specific information, such as area codes. Depending on your contact center solution, rolling out these capabilities could be quite simple. If you’re still relying on a traditional package that doesn’t take advantage of the latest tools and technologies, it might be time to explore new options.

Our contact center solutions are feature rich and meet the growing demands of today's business patterns and aim to deliver maximum deployment flexibility.No matter in which niche your business lies, ShoreTel contact center solution is the best choice for a productive environment.

 

Thursday, 02 March 2017 12:39 Written by

Network Security Dubai

Network security becomes a major concern for all organization.Every business should give adequate care and prepared against the attack of threats that may affect the organization's vital data. The fact is that security should not be neglected and must be handled with utmost importance.With a fair and good security system, all the data and documents can be kept safe from attacks and theft.

Chances are high that network can easily be breached by attackers by means of various tools and methods. The set of principles and activities that are designed to protect any organizational network is known as network security, not only does it protect the network it also safeguards reliability and security of data and network.

No single solution can protect you from a variety of threats. For that, you need multiple layers of security. If one fails, other still function.Network security is accomplished through hardware and software and the software must be updated constantly to protect from upcoming threats. It consists of many components and when worked together it minimizes maintenance and improves the security.

Secure your organization with our avant-garde security partners

Applicom, being a key player in providing network security solutions in Dubai and entire UAE, help businesses in choosing the right solution for a secure working environment. Ranging from small organizations to large enterprises, we solve network security concerns and help them in moving forward without any fear. Our broad range of security solutions act as a watch dog for your organization. 

Benefits of network security:

  • It helps in safeguarding data
  • The best part is it ensures that the information being pooled with other computers on other networks is always secured.
  • It prevents the system against theft and attacks.

With proper security, your company will experience many benefits. Your business will be protected against disruptions which in turn help employees to become productive.Network security protects your customers' data and reduces the risk of data theft. With a close watch on evolving trends of attacks our top -notch products ensure total security for your organizations.

Our expertise lies in

  • Advanced Security technologies
  • Highly skilled security experts
  • Detecting  network vulnerabilities
  • Threat management
  • Compliance management
  • Security awareness management

 

Why should you choose Applicom for Network Security?

You can design the security in your choice: Your business is important.Hence we strive for strong security.

Uplift your security: Our avant-garde products manages a highly complex environment and help you with advanced security requirements.

Advanced Insights: Constant update of the possible security breaches.

As a leader in the IT infrastructure solutions in Dubai and whole of UAE, we deliver the most scalable security solutions for your organization. Our proven strategies and tools make sure that your data security is safe in our hands. 

If t your organization needs network security in Dubai, we are happy to support you in implementing a reliable and top-notch security plan for your organization.

Our Network Security Partners:

Barracuda Watchguard Forcepoint Acunetix

 

Last modified on Tuesday, 17 October 2017 07:48