As IT admins increase their sophistication of network management, controlling who has access to what parts of the network has become a point of focus. One area in particular where IT organizations can step-up their user access security is through virtual local area network (VLAN) steering. In this blog post, we’ll answer the question: what is VLAN steering?
The What (and Why) of VLAN Steering
Before we address what exactly VLAN steering is, let’s briefly talk about why IT organizations are even interested in it. For most IT networks, end users exist in the network together without any sort of segmentation by group, department, or needs. So, despite the fact that two users may have very different needs and security requirements, they are placed on the same network together. For security requirements and compliance needs, sometimes users need to be placed under different network segment controls. For instance, in an organization concerned with PCI DSS compliance, a user that needs to access sensitive data in the cardholder data environment may be placed in a separate more secure VLAN than the rest of the users.
That process of shifting users to their proper VLANs is called VLAN steering. Users or groups are assigned to a VLAN and once they have authenticated to the network, the RADIUS server and wireless access points work together to place that user in the proper network segment.
The more technical process in the background works like this. IT admins assign VLANs to their users and groups in a RADIUS server. The RADIUS server is, of course, integrated with the directory service so that users can be authenticated with their credentials. The RADIUS server is also connected to the WiFi network, and once the user is authenticated, the RADIUS server replies with attributes assigning the VLAN. The WAP accepts that assignment and places the user in the proper network segment.
VLAN Steering Option
Unfortunately, not every organization leverages RADIUS, and, on top of that, not every RADIUS solution has VLAN steering options. Despite this, companies still need the benefits that VLAN steering offers, and it is (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Zach DeMeyer. Read the original post at: https://jumpcloud.com/blog/it-admins/vlan-steering/