NAC

Physical Network Access

Protect your enterprise’s wired and wireless networks with Strong Authentication

company-wifi

Network Access Control (NAC) keeps the unauthorized users and devices out of a private network

NAC solutions have become an extremely valuable tool in recent years, as mobile devices and the Internet of Things (IoT) have surged to prominence in various industries across the world. Network access control technologies (ie. NAC) provide a user/client authentication layer for your Ethernet switches and Wifi Access Points.
RCDevs helps you to

Protect your Ethernet switches and Wifi Access Points

Solution

wifi_vector2-914x720
Most companies are equipped with managed switches and Enterprise access points which support the IEEE 802.1X standard. OpenOTP / RADIUS Bridge provides extended access control for wired and wireless networks by implementing a set of EAP protocols under 802.1X. This means that your employees must authenticate themselves in order to gain effective access to wired networks with:

– X.509 Certificates – Employees self-enroll certificates through an easy-to-use web-UI that’s protected with one-time URLs and/or one-time codes, delivered via SMS for example. The same convenient way of self-service continues on certificate renewals, with users being automatically notified to re-enroll their certificate and are provided with a one-time URL to do that.

– One-Time Passwords – Users can concatenate passwords with a one-time code from their preferred token provider, like OpenOTP Token App, RC200/300/400, Google Authenticator, or from any OATH compliant Hardware or Software Token.

– Push Login (aka one-tap login) – Users with OpenOTP Token App can authenticate to WIFI by simply pressing “Accept” on the login that was pushed to their mobile.

– Application Passwords – Users provide a personal, Wifi-specific and time-limited application password which has been pre-registered via the self-services.

– Voice Biometrics – Users are required to speak their security passphrase on their Mobile Token to start the Wifi connection.

Features

Main features

Dynamic Access Control Lists
With OpenOTP RADIUS Reply Attributes, you easily can configure per-user or group access control metadata to be passed to your network devices during the user authentication process. A good example is VLAN access attributes which enable access to specific VLANs based on your WebADM IAM policies.
Enforce WebADM Client Policies per Wifi Network (SSID)
RCDevs 802.1X for Wifi is fully compatible with WebADM client policies. This means you can define access control policies for each of your Wifi SSIDs. Client policies allow controlling which groups of users can access the network, at what time and even based on LDAP metadata filtering.
Wifi Access with Client Certificates
WebADM includes a PKI service and some very simple certificate management interfaces. A user certificate can also be used to transparently provide access to the Wifi network. Revoking Wifi access is as simple as removing the certificate from the user object.

Key features

Supported on Enterprise Wifi with EAP-TLS
Supports any OpenOTP method (Tokens, Yubikey, SMSOTP, MailOTP, Push, Voice Biometrics etc)
Supports LDAP, OTP, Push and LDAP+OTP login modes
Convenient Two-Factor with password concatenation
Per user and group reply attributes for Ethernet and VLAN based access
Authentication policies per client application or group of users

Compatibilty

Compatible with

This is a non-exhaustive list of OpenOTP compliant products

Cisco Wifi using the EAP-GTC technology
Wifi devices supporting Enterprise RADIUS with EAP-TTLS-PAP
3com
brocade
cisco
Sophos
IBM
DELL

How to

See how simple it is to integrate OpenOTP with Wifi

Read more about related products

Authentication methods

Our Solution for Physical Network provides Two-Factor with all OpenOTP One-Time Password methods:

Choose which package you want to download:

To request an online demo, you only have to create your account or contact us.

Online Demos are available for free to let you try RCDevs multi-factor in 5 minutes and authenticate with your mobile or Yubikey.
en_USEN
en_USEN fr_FRFR de_DEDE