Dynamic VLANs with RADIUS

Dynamic VLANs with RADIUSDynamic VLANs with RADIUSCreating dynamic VLANs with RADIUS represents a powerful security concept, but one that’s difficult to implement. There are a lot of variables that go into its set up. Components such as  wireless access points (WAPs), RADIUS servers, and identity providers (IdPs) each contribute to its complexity. The good news is that there is a next generation cloud identity management platform that is making VLAN steering easier to execute than ever before.

What is Dynamic VLAN Assignment?

What is dynamic VLAN assignment?Dynamic VLAN assignment is a great way for IT organizations to step up their network security efforts. The idea at play here is that users, or groups of users, can be placed into different VLANs, or segmented chunks of the same network, to increase security. For example, the sales team doesn’t need to be on the same VLAN with developers and vice versa. That means that if a bad actor were to gain access to either the sales or engineering VLAN, they still could not access other segments of that network, like the development VLAN. Effectively, this provides IT admins the ability to limit the the attack surface on a given network. Less attack surface, less potential for problems.

VLAN and RADIUS Implementation

network segmentation with VLANSo, while the benefits of dynamic VLANs with RADIUS are hard to overstate, the implementation process can present quite the challenge to IT admins. Segmenting a network can be done through WiFi infrastructure or through the network switches and routers. Users and groups of users are assigned VLANs and those assignments are placed into the RADIUS server, which is backended by an identity provider which validates credentials. All of these different components, network gear, RADIUS servers, directory services, and even endpoints need to be tied together to make the process of dynamic VLAN assignments work effectively. Of course, that can be a tall order for many IT organizations which is why the adoption of network segmentation hasn’t been nearly as high as it should be.

A Cloud-based Security Booster

Dynamic VLAN assignment with JumpCloudThankfully, a new generation of identity and access management solution is taking the heavy lifting out of implementing dynamic VLAN assignment (Read more...)

*** This is a Security Bloggers Network syndicated blog from Blog – JumpCloud authored by Katelyn McWilliams. Read the original post at: https://jumpcloud.com/blog/dynamic-vlans-radius/