Fully protect remote wireless access points with Secure WiFi
Many organisations now deploy remote access points to provide users greater flexibility and easy access to a network connection – or provide a link to small clusters of users or devices. With Zyxel’s new Secure WiFi license, you can make sure that these connections just as well protected as users and devices on the office network, as Thorsten Kurpjuhn, Security Market Development Manager Europe explains.
Many more people are connecting to networks remotely now. That’s a trend that’s certain to grow, and it’s obviously important to make sure those connections are secure. Individual remote users can be protected with VPNs or point-to-point links, and these options are available on Zyxel’s USG FLEX firewall appliances.
But things get a little more complicated when you deploy an access point remotely, as you will have multiple users or devices connecting to what is effectively a single link to the central network. Many organisations are doing this now, to provide easy access for one or more groups of remote users – in a small branch office, a shop or a classroom, or part of a hotel or leisure complex that is located away from the main campus or building, for example. Or to support clusters of sensors or other IoT devices.
Whatever the reason for deploying remote access points, it’s really important to make sure that these connections are totally secure. You might imagine that this can be done quite simply, by positioning a firewall between the access point and the gateway to the network. But it is not quite that simple with a remote access point; remote users or devices are connecting to the network through the access point, and that means it is not so easy to set up a conventional VPN or a point-to-point link, as these were designed for direct, point-to-point remote links.
Also, because the access point is remote, it is not as easy to tell exactly what devices are being connected via WiFi. In theory, anyone who can get access to the access point itself, could connect to it.
To provide the really solid protection that you need Zyxel has now introduced the Secure WiFi license on the USG FLEX range of security appliances. This can be provided as an extension of our Nebula cloud management system, which is now available on all USG FLEX appliances, or for firewalls and access points that are managed on-premises.
Secure WiFi uses a technology called Network Virtualization using Generic Routing Encapsulation (NVGRE). This ingenious protocol allows multiple secure tunnels to be created between the remote access point and the firewall. It thus provides high levels of protection against any attempt to listen-in or break-into the connection between the remote access point and the USG FLEX device.
With Secure WiFi in place, users or devices connected through the remote access point get the same level of protection that they would have if they were directly connected to the central network. It thus enables you to deploy remote access points with total confidence and maximise return on investment in Zyxel USG FLEX firewall appliances.
Multiple remote access points can be supported with Secure WiFi – the number depends on the specific USG FLEX device. Licenses are available for one or two years. If you would like to find out more about Secure WiFi, please get in contact with your nearest Zyxel office or partner.