OpenOTP Network Access Control
Protect switches & improve wireless networks security with MFA
Network Access Control (NAC) keeps unauthorized users & IoT devices out of your private network.
Protect your Ethernet Switches & WiFi
Most companies are equipped with managed switches and Enterprise access points which support the IEEE 802.1X standard.
OpenOTP / RADIUS Bridge provides extended access control for wired and wireless networks by implementing a set of EAP protocols under 802.1X. Your employees must authenticate themselves in order to gain effective access to wired and physical networks.
– X.509 Certificates – Employees self-enroll certificates through an easy-to-use web-UI that is protected with one-time URLs and/or one-time codes, delivered via SMS for example. Certificate renewals, with users being automatically notified to re-enroll their certificate and are provided with a one-time URL to do this, are conveniently found in self-services.
– One-Time Passwords – Users can concatenate passwords with a one-time code from their preferred token provider, like OpenOTP Token App, RC200/300/400, or from any OATH compliant Hardware or Software Token.
– Push Login (approve/deny logins) – Using OpenOTP Token App, users can access Enterprise WiFi by simply pressing “Accept” on the Push login request directly sent to their mobile.
– Application Passwords – Users provide a personal, WiFi-specific and time-limited application password which has been pre-registered via the self-service web app.
– Voice Biometrics – Users are required to speak their security passphrase using the OpenOTP Token app in order to start the WiFi connection.
Dynamic Access Control Lists
Enforce WebADM Client Policies per WiFi Network (SSID)
WiFi Access with Client Certificates
Supported on Enterprise Wifi with EAP-TLS
Supports LDAP, OTP, Push and LDAP+OTP login modes
Convenient Two-Factor with password concatenation
Per user and group reply attributes for Ethernet & VLAN based access
Authentication policies per client application or group of users
Supports any OpenOTP method (Tokens, Yubikey, Push, Voice Biometrics, SMSOTP, MailOTP, etc...)
Non-exhaustive list of OpenOTP compliant products
Cisco WiFi using the EAP-GTC technology
WiFi devices supporting Enterprise RADIUS with EAP-TTLS-PAP
Learn more about:
Choose the method that best suits you