OpenOTP Network Access Control with MFA

OpenOTP Network Access Control

Protect switches & improve wireless networks security with MFA

Network Access Control (NAC) keeps unauthorized users & IoT devices out of your private network. Implement MFA for Ethernet and WiFi security.

MFA for Ethernet and WiFi security
NAC solutions have become an extremely valuable tool in recent years, as mobile devices and the Internet of Things (IoT) have surged to prominence in various industries across the world. Network access control technologies (NAC) provide a user/client authentication layer for your Ethernet switches and Wifi Access Points.
RCDevs helps you

Protect your Ethernet Switches & WiFi

Solution

wifi_vector2-914x720

Most companies are equipped with managed switches and Enterprise access points which support the IEEE 802.1X standard.

OpenOTP / RADIUS Bridge extends access control for wired and wireless networks by implementing a set of EAP protocols under 802.1X. Employees must authenticate themselves to gain effective access to wired and physical networks.

– X.509 Certificates – Employees self-enroll certificates through an easy-to-use web-UI that is protected with one-time URLs and/or one-time codes, delivered via SMS for example. Certificate renewals, with users being automatically notified to re-enroll their certificate and are provided with a one-time URL to do this, are conveniently found in self-services.

– One-Time Passwords – Users can concatenate passwords with a one-time code from their preferred token provider, like OpenOTP Token App, RC200/300/400, or from any OATH compliant Hardware or Software Token.

– Push Login (approve/deny logins) – Using OpenOTP Token App, users can access Enterprise WiFi by simply pressing “Accept” on the Push login request directly sent to their mobile.

– Application Passwords – Users provide a personal, WiFi-specific and time-limited application password which has been pre-registered via the self-service web app.

Features

Main Features

Dynamic Access Control Lists
With OpenOTP RADIUS Reply Attributes, you can easily configure per-user or group access control metadata to be passed to your network devices during the user authentication process. A good example is VLAN access attributes which enable access to specific VLANs based on your WebADM IAM policies.
Enforce WebADM Client Policies per WiFi Network (SSID)
RCDevs 802.1X for Wifi is fully compatible with WebADM client policies. This means you can define access control policies for each of your Wifi SSIDs.  Client policies allow controlling which groups of users can access the network, at what time and even based on LDAP metadata filtering.
WiFi Access with Client Certificates
WebADM includes a full PKI and some very simple certificate management interfaces. A user certificate can also be used to transparently provide access to the WiFi network. Revoking WiFi access is as simple as removing the certificate from the user object.

Key Features

Supported on Enterprise Wifi with EAP-TLS
Supports LDAP, OTP, Push and LDAP+OTP login modes
Convenient Two-Factor with password concatenation
Per user and group reply attributes for Ethernet & VLAN based access
Authentication policies per client application or group of users
Supports any OpenOTP method (Tokens, Yubikey, Push, Passkeys, SMSOTP, MailOTP, etc...)

Compatibilty

Compatible with

Non-exhaustive list of OpenOTP compliant products

Cisco WiFi using the EAP-GTC technology
WiFi devices supporting Enterprise RADIUS with EAP-TTLS-PAP
3com
brocade
cisco
Sophos
IBM
DELL

How to

See how simple it is to integrate OpenOTP with WiFi

SEEING
IS BELIEVING

Whether you are buying a car or a security solution, you always want to test
drive it before signing on the dotted line. We know this and you know this.
Contact us for your Free PoC or check it out for yourself.

EN
FR DE EN