What was the problem?
The client was using a wireless network with employee access protected by a password that wasn't changed frequently. As a result, former employees could potentially continue to have access to the company's wireless network after their contracts had ended.
For the wired network, there was no verification, and any device that was plugged into a network socket gained access to shared resources.
What solution did we offer?
It wasn't practical to introduce a policy of changing the password for the wireless network after every change in employee composition. Therefore, we suggested that the company change the way they worked with the network and use the passwords they used to log into their computers for accessing the wireless network.
To secure the wired network, we introduced a verification process upon device connection to determine whether it should be granted access to the network.
In technical terms:
We introduced RADIUS authentication through Active Directory, allowing the use of passwords from the domain controller for access to the wireless network. For the wired network, we implemented the 802.1X authentication protocol, which allowed us to verify devices based on their MAC address.
The Result:
After implementing the new organization of work, with minimal investment, we achieved several important goals. On one hand, it became much more convenient for users to use the network when traveling between the company's different locations. On the other hand, we increased security to a level that ensures unauthorized users won't have access to the internal environment.