BOULDER, COLO. – December 19 2018 – JumpCloud®, the first cloud-based directory service, announced today the addition of VLAN assignments to their RADIUS-as-a-Service offering. Now, not only can end users securely authenticate against JumpCloud’s cloud directory for their network access, but they can also segment their network with VLAN (virtual local area network) assignments.
A VLAN allows IT admins to better manage network traffic by segregating collections of users and their devices. The result is better security and more control over which network resources users can access. Cloud RADIUS services are a core feature of the broader JumpCloud Directory-as-a-Service® platform, which secures access to systems, apps, files, and infrastructure in addition to networks.
The concept is simple. Users should only be able to access the IT resources that they are authorized to use. Making segmented VLANs allows IT organizations to isolate users from devices and IT resources.
Historically, on-prem equipment such as RADIUS servers and the identity provider were needed to integrate with the networking infrastructure. With JumpCloud’s announcement of cloud hosted VLAN assignments (also known as dynamic VLAN tagging), there is no equipment required on-prem beyond an organization’s WAPs (or switches).
“It’s exciting to release features that allow our customers to increase their organization’s security posture,” said Scott Reed, Solutions Architect at JumpCloud. “Per-user VLAN tagging using JumpCloud’s RADIUS-as-a-Service reply attributes can now be used to drastically improve network security by reducing the overall attack surface. In addition to RADIUS reply attributes, we have enhanced our Multi-Factor Authentication workflows, full disk encryption offering and OS update policies to help meet the needs of our users. Cloud-hosted RADIUS, with the ability to serve per-user VLAN reply attributes, is yet another way JumpCloud is making security easier for organizations to implement.”
VLAN attributes allow network administrators to provision access to resources depending on the user’s needs or department. Individual users and groups of users alike are assigned to VLAN segments within a RADIUS server. When logging in, user credentials are passed through a WiFi access point to the JumpCloud virtual RADIUS infrastructure and are then verified with (Read more...)
*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Katelyn McWilliams. Read the original post at: https://jumpcloud.com/blog/usermanagement/vlan-attributes-jumpcloud/