Nomadix for Enterprise & Education
From hospitality to telecom to education
Staying connected is good for business - especially when you give your customers the opportunity to connect to reliable and secure Internet access. From the hospitality and healthcare industries to telecom and education, high-speed Internet access (HSIA) is just a click away with Nomadix’s diverse array of solutions.
Nomadix for Enterprise:
With the increased prevalence of the BYOD movement, enterprises and government agencies struggle to keep up with the data volume that crosses their networks. The bandwidth demand created by the proliferation of Wi-Fi-enabled devices forces these organizations to reevaluate their current policies and look for solutions that will allow them to maximize their bandwidth.
With a steady stream of visitors—from external consultants and attorneys to auditors and an evolving number of employees—enterprises and government agencies face the tremendous task of providing hassle-free and fast Internet access to internal and external individuals while ensuring that the local area network is secure. Because of the sensitive nature of the data contained in the networks of many enterprises and government agencies, it is imperative that there are no guest network breaches or attacks.
How a NITO and Gateway work together in an enterprise
Key Features for Enterprise
Guest Network Separation from Enterprise Network
Nomadix gateways create a network specifically for guests to allow for individual-user device management and authentication. This ensures network devices are not duplicated.
Captive Portal
Nomadix allows you to utilize one of two captive portals—built into the unit or via the flexible external server that sends commands back utilizing the Nomadix XML API. You may customize what your guests see before they gain access to the Internet..
Gateway Authentication
You may authenticate devices / users on your Nomadix access gateway differently depending on your desired outcome. By using a radius or our built-in group codes, you can allow multiple devices to log in with the same credentials. This works the best for vendor groups or guests who come from the same company.
BYOD Support for Multiple User Types
Enterprises and government venues must wirelessly support mobile devices for their employees and visitors without allowing all of them to access the same parts of the network. The Nomadix access gateway makes it possible for you to control the permissions for each group individually.
Bandwidth Management
Bandwidth at enterprises and government agencies must be controlled based on how much can be accessed at one time on a specific network. The Nomadix access gateway places a limit on each device to ensure all guests receive an equal amount of bandwidth.
Terms and Conditions
Nomadix’s ability to enforce a terms-and-conditions acceptance allows enterprises and government agencies to inform their HSIA users of the allowed access rules, making them more easily enforceable.
Home-Page Redirect
The network’s home page is made up of information about the institution providing the HSIA. This usually includes basic facts, upcoming events or other promotional messaging.
Plug and Play
Nomadix manages the MAC addresses of each unique device to handle plug-and-play functionality, which supports any IPv4-configured appliances.
Walled Garden
With the support of a walled garden, the enterprises and government agencies can enable specific sites that any user can access without going through the authentication process, which allows for promotional opportunities.
Reliability
The Nomadix access gateway uses our own trusted patented software and functionality instead of open-source patches from third- or fourth-party entities. This means reliability is built in from the start, utilizing a real-time OS to allow for direct development of the gateway by Nomadix.
Active Directory Integration for Staff Authentication
You may use the active directory, or a user database you already have in place, to identify specific users and their levels of network access. The Nomadix Internet Traffic Optimizer (NITO) provides a direct link to the company database to authenticate users and allow for granular reporting based on each specific user and access level.
Content Monitoring and Blocking Based on Categories
Category-based content filtering goes beyond basic URL-blocking lists—it analyzes the context and content of accessed sites. This information is used to create a baseline score determining whether or not the site should be limited or blocked. The content deemed acceptable can differ based on business requirements.
IPSec/VPN Endpoint
Secure enterprise connections must also be accessible from outside the company. NITO can work as an IPSEC endpoint for employees who need a secure connection for corporate resources. It can also work as an endpoint between different location disparate offices to keep the resources secured even though they are connected across the Internet.
Real-Time Logs
Diagnosing network issues is a large part of handling a corporation’s IT infrastructure. With real-time logs of Nomadix network and device behavior, you can quickly and easily prevent and solve problems. Having access to these logs, as well as the ability to filter the feeds, facilitates a detailed summary of what’s happening on the network.
Bandwidth Throttling of Categories
Deep packet inspection of content monitoring can also be used to throttle bandwidth for uniform traffic categories. This limits user access to large traffic sites to conserve bandwidth for a particular network. This allows greater management and control of overall network bandwidth..
Ease of Use
A simple setup and graphical user interface allow for a simple, streamlined administrative management experience, especially with products. Nomadix mostly uses a set-and-forget configuration that, once set up, allows a network to run smoothly. You can also easily search for information using the user interface to determine network behavior.
Full-Featured Firewall
A full-featured firewall will secure your network by keeping out unwanted traffic. NITO has a built-in firewall that includes intrusion detection and prevention while still allowing access to specific resources on your network. Nomadix makes firewall management simple—the firewall is integrated into the platform with the same simple user interface.
Quota Control for “Time Wasting” Applications
Productivity is boosted when specific webpage permissions are limited. NITO quotas allow for flexible timetables to restrict, but not prohibit, access to specific sites or site categories (such as social media) down to a predetermined minute.
Multiple WAN Links for High Availability
Although basic network connections are becoming more cost effective, some companies need more than a high-uptime symmetric connection. Nomadix allows multiple connections to different ISPs so companies can have a higher aggregate network connection for employees while reducing the price bottleneck that can occur with a basic, single connection.
Advanced Reporting of Traffic Usage and Trends
Corporate-network behavior analysis is valuable to companies, and NITO creates thorough traffic reports by drilling down to determine exact users, traffic patterns and usage. Generation of these reports can be scheduled and distributed to IT administrators to allow insight to network behavior trends at any given time.
Nomadix for Education:
Education has specialized needs for public Internet access. Academic campuses demand high levels of connectivity for public access and internal networks, thereby requiring stringent control and management capabilities for usage and bandwidth.
Both wired and wireless Internet connections are expected by students, faculty and visitors institution-wide, in buildings such as labs, libraries, and residence halls. Providing public access to a broad range of stakeholders can easily be turned into a steady revenue stream.
How a NITO Works in an education environment
Key Features for Education
Guest Network Separation from Education network
Nomadix gateways create a network specifically for guests to allow for individual-user device management and authentication. This ensures network devices are not duplicated.
Captive Portal
Nomadix allows you to utilize one of two captive portals—built into the unit or via the flexible external server that sends commands back utilizing the Nomadix XML API. You may customize what your guests see before they gain access to the Internet.
Gateway Authentication
You may authenticate your Nomadix access gateway differently depending on your desired outcome. By using a radius or our built-in group codes, you can allow multiple devices to log in with the same credentials. This works the best for vendor groups or guests who come from the same company.
BYOD Support for Multiple User Types
Education venues must wirelessly support students, teachers, administrators, parents and other visitors without allowing all of them to access the same parts of the network. The Nomadix access gateway makes it possible for you to control the permissions for each group individually.
Bandwidth Management
Bandwidth at academic institutions must be controlled based on how much can be accessed at one time on a specific network. The Nomadix access gateway places a limit on each device to ensure all guests receive an equal amount of bandwidth.
Terms and Conditions
Nomadix’s ability to enforce a terms-and-conditions acceptance allows academic institutions to inform their HSIA users of the allowed access rules, making them more easily enforceable.
Home-Page Redirect
The network’s home page is made up of information about the institution providing the HSIA. This usually includes basic facts, upcoming events or other promotional messaging.
Plug and Play
Nomadix manages the MAC addresses of each unique device to handle plug-and-play functionality, which supports any IPv4-configured appliances.
Walled Garden
With the support of a walled garden, the academic institution can enable specific sites that any user can access without going through the authentication process, which allows for promotional opportunities.
Reliability
The Nomadix access gateway uses our own trusted patented software and functionality instead of open-source patches from third- or fourth-party entities. This means reliability is built in from the start, utilizing a real-time OS to allow for direct development of the gateway by Nomadix.
Next Generation Web filtering
Founded on Nomadix’s groundbreaking real-time content filtering, our Nomadix Internet Traffic Optimizer (NITO) provides a proactive way to analyze and categorize Web content without relying on URL block lists. NITO gives you the confidence of zero-day protection from inappropriate or illegal content, anonymous proxy usage, malware, and wasted resources—going the extra mile for Web safety.
Reporting and Logging Analytics
Deploying NITP allows you to take control of Web usage to secure your network, no matter what devices are used. Explore usage with NITO’s log viewer, which provides in-depth stats in real time. The reporting suite offers more than 350 templates that can be easily shared with whomever, whenever.
Teacher Friendly Settings
Nomadix allows teachers, or other authorized individuals, to manage access to Web content via “Soft Block” temporary override, YouTube education support, classroom-level block list control and the enforcement of “Safe Search” for all major search engines.
Effective Cyber-Bullying Controls
Network administrators can control all posts to the Web (including Facebook, Twitter, vBulletin forums and instant messaging) attempted from your network live forms. To combat cyber bullying, customize your keyword database and NITO will send out an alert when any of the keywords are used. Reports on denied posts are available for any domain.
Nomadix Solution:
Nomadix offers its Nomadix Service Engine™ (NSE) software on our family of access gateways which provide a full suite of features and functionality to control access and ensure security when providing Internet access for visitors in an Enterprise environment. The NSE can also provide an additional source of revenue in an Education environment to offset the cost of the deploying wired and wireless (WiFi TM) networks.
- AG 5800 - The AG 5800 is enabled for high performance solution and scalability. The AG 5800 expands the ability to offer new NSE features with increased high-speed computational intensity. The AG 5800 is designed for deployment from mid to large venues with easy device user count scalability.
- NITO - The Nomadix Internet Traffic Optimizer (NITO) is a powerful high speed and cost-effective appliance designed to give you more from your existing bandwidth. By enabling IT managers to access and review traffic patterns and content usage, the NITO offers visibility and insight for intelligent bandwidth management and allocation. Plus, NITO's web content filtering and network security protect your network and users.
Nomadix Advantage:
The Nomadix Access gateway will keep your network secure from un-trusted users and unwanted guests, while removing the time intensive task of configuring every guest’s PC to match the settings of the enterprise network.
Below, are benefits of the Nomadix Access gateway when used in conjunction with Virtual LANs and Firewalls to ensure secure enterprise networks.
Securing the Network - A Virtual LAN (VLAN) is a logical network that can be created and secured from other logical networks on the same network LAN device, such as an Ethernet switch. The Nomadix Service Engine™ (NSE) can track the location from which each user has requested network access by the user’s unique VLAN identifier (ID). By using this method of user identification, the NSE can effectively manage secure access to the network.
Network Security and Plug-n-Play Access - Deploying a firewall in a network enables the network to be kept secure from unknown and unwanted users. The firewall can consist of a single router that filters out unwanted packets or may comprise a combination of routers and servers each performing some type of firewall processing. Firewalls are widely used to provide users with secure access to the Internet as well as to separate a company's public Web server from its internal network. Firewalls are also used to keep internal network segments secure. For example, it is usually desirable for the accounting servers and network to be kept secluded from the rest of the enterprise network, ensuring all unauthorized access is blocked.
Following are some of the techniques used to provide Firewall protection and the advantage of the NSE.
Packet Filter - Blocks traffic based on a specific Web address (IP address) or type of application (e-mail, FTP, Web browser, etc.), which is specified by port number. This can also be known as a “screening router.”
Network Address Translation (NAT) - Network Address Translation (NAT), an IETF standard that allows an organization to present itself to the Internet with one address which is translated to many IP addresses internally, typically one per client computer. NAT also serves as a firewall by keeping the users individual IP addresses hidden from other networks by using private IP addresses that are not known to the outside world.
The NSE contains Nomadix’ patented Dynamic Address Translation™ (DAT) technology to keep internal network users secure from an external attack. DAT also enables the Guest to get connected to the network without changing any configuration setting in their computer. The NSE also contains a URL Filtering feature that provides an additional level of security that defines which Web sites the network’s users cannot gain access to, enabling up to 300 URL’s to be blocked.
DAT was designed to eliminate IP configuration issues and their associated technical support calls and site visits allowing IT Administrators to deploy guest access without wasting valuable IT time and resources in providing this service to their partners and customers. Simply put, with Nomadix DAT technology in the network, guest users can run their computers in any configuration and still gain access to the network. This is a vast improvement over standard networks where every computer must be assigned several specific settings to enable user access the network. As DAT performs translation much like ‘basic’ NAT it provides the same level of user security.
Typically, without DAT the following settings must be configured:
- IP Address - Unique identifier that allows traffic to be routed to the computer.
- Subnet Mask - Parameter that defines the size of the network segment on which the computer resides.
- Gateway Address - The network location of the gateway (router) connected to the Internet.
- DNS Servers - Addresses that specify the location of Domain Name Servers for the computer and translates these addresses, such as www.yahoo.com - entered by users into their browser, into an IP address such as 216.24.105.223 that computers use.
In a non-Nomadix enabled network, every one of the above settings must be correct in order for a guest’s computer to gain access. For example, if a laptop computer that is statically configured for an office location is moved to a home network location, it will be unable to access the home connection because the network settings will be different between locations, forcing the user to maintain knowledge of these technical settings and change them whenever they move between locations.