When it comes to wireless networks, the idea of a captive portal for users is nothing new. Guest networks have been doing this for a long time. Usually the page is just a quick screen that might have a logo, company description and rules for using the wireless network. There are definitely other useful reasons to use a captive portal on your wireless network, and some of which are very important. A few useful reasons to use a captive portal that come to mind are legal, social engagement and authentication-based access control.
Guest networks are a very common service that businesses provide to their customers and visitors. From coffee shops to retail shops to amusement parks, users want to be connected at all times. This makes these networks very important. That being said, the businesses themselves need to be protected legally.
A very important and common reason for captive portals is to present the connecting users with a list of terms and conditions that they need to accept before the Internet connection is established. Then, if they engage in any illegal activity such as pirating music or using stolen credit card information, the business has some protection because the user would be breaking the terms and conditions that they agreed to. It’s not bulletproof for a business, but it is the first step to protecting a business while it provides an open internet connection for its customers and a very essential step at that.
Sometimes the guest network does not need to be wide open. Businesses may require users to login when connecting. One way that businesses are handling guest authentication nowadays is to use social media during the connection process. With so many users on social media, Facebook, for example, is a unique way to authenticate for guest access.
Using social media allows businesses to “put a face” to a device and gain other valuable analytics concerning the users and devices on their networks. With the value of social media nowadays, the value of this information that could be gained from the guest users in invaluable.
The other use for a captive portal is user authentication and to provide specific access permissions for those users. One example of how this works is with an Aruba wireless network with Aruba ClearPass.
Here’s an example that I like to use: Vendors and technicians come to your location and require network access. You have a specific, dedicated SSID that they can connect to when they are onsite. All of these outside users do not require access to the same things, though. By using a captive portal with authentication, you can assign each of these users a login and then drill down the access levels that you assign them.
It all goes back to a saying I learned when I first started in networking: Assign the least amount of access privileges to users while still allowing people to do their job. By using captive portal authentication with ClearPass, you can do just that: Allow the users to connect to an open network, log into the captive portal, and receive the predetermined access permissions they need. Just one more use case of many for configuring a captive portal on a wireless network in your environment.
Follow Kevin Blackburn on Twitter at @TheRoutingTable.
