Guest visitors to an enterprise, hotel, colleges or even public hotspots might need access to internet during their stay. The challenge faced by IT Managers is how to control and limit internet access of guest users without having to configure the guest’s desktop and yet have a solution which is cost effective and easy to manage. IT Managers would need a solution which would provide a positive visitor experience without compromising the security of an enterprise.
In providing internet access which could be for a day or even weeks during the stay of a guest, another challenge IT Managers face is creating temporary user IDs for guests. Maintaining such large changing list of users is tedious job for an admin. It is also difficult to apply access restrictions to these users, as users database is frequently changing/getting updated.
GajShield’s SECURE GUEST INTERNET MANAGEMENT SYSTEM fulfils all the above requirements, yet it is simple to manage, scalable and cost effective too. The system helps to manage guest users, whether wired, wireless or even using mobile for internet access. Its auto expiry feature makes it easy to manage large sets of guest users. Its reporting system gives in-depth usage information and helps to identify any misuse by these users.
With this system, IT Administrator can create guest users manually or provide an option to guests for self-registration. Gajshield’s Next Generation Firewall provides user credentials via SMS which expires after a pre-configured / pre-defined time. Security policies can either be set for the guest group or can be defined for an individual user.
By terminating the guest network on a separate port of GajShield Firewall, enterprises can also control and limit guest users access to corporate network.
User credentials can be either sent via email or using SMS. To send Username and Password via SMS, organisation will have to be registered with a SMS Gateway service provider. GajShield Firewalls come with pre-configured API parameters for various service providers. For service providers not listed in GajShield, the API parameters would have to be obtained and configured on GajShield Firewalls.
GajShield Guest Management System simplifies administration of guest users, a tremendous benefit for IT staff that will have a very limited workload in the daily operation.
Guest login portal
This is the interface used by guests and gives the very important first impression of a company. This portal is customized according and is a powerful branding as well as information delivery tool. Guests who connect their laptop or smartphone to the internet will immediately be redirected to this portal. They will then login to access the Internet.
One of the more popular guest provisioning flows is guest self-registration with SMS activation:
- The guest registers and enters his/her mobile number at the guest login portal.
- A one-time access code/ username and password is delivered to the mobile phone via SMS (Short Message Service).
- The guest activates the guest account using provided username and password.
The use of activation through the mobile number enables traceability of the guest’s activity in the network as the identity of the guest will be automatically validated through the mobile subscription.
This works as a control centre for IT staff. The Firewall Management System helps in configuring security policies for guest users along with configuring SMS gateway, guest portal and registration. It also provides a detailed reporting system built with intelligence to identify anomalies and misuse of policies.
Along with the above features, GajShield solution also provides the following:
- Create Guest Users Manually or User can register themselves through Registration process
- Add Guest Users in bulk (through csv upload)
- Delete Multiple Guest Users manually or enable Auto-Delete (automatically deletes user on expiry of validity)
- View Guest User Registration and Auto-Delete Logs
- Option to resend Guest User Credentials on SMS
- Create Group(s) of Guest Users
- Apply Security Policies (like URL, DLP, Application Filter Policies) based on Guest User(s) and/or Group(s) of Guest Users
- Apply Bandwidth Capping/Queue on Guest User(s) and/or Group(s) of Guest Users
- Apply UserSense Sessions and Authentication Schedule (Time Schedule) based on Guest User(s) and/or Group(s) of Guest Users
- Apply Bandwidth and/or Time Quota on Guest User(s) and/or Group(s) of Guest Users
- Can route traffic of Guest User(s)/ Group(s) of Guest Users through different ISP(s)
- Can apply BYOD restriction on Guest User(s) and/or Group(s) of Guest Users