30 Minute Interview

‘‘Unified Access Control provides user identity management combined with endpoint intelligence’’

Bisham Kishanani, Technical Consultant - Emerging Technology, Juniper Networks spoke to Dominic K about Unified Access Control (UAC) and how it can help enterprises manage security. UAC adds intelligence by integrating into the LAN infrastructure without requiring switching upgrades or pre-installed client software.

Bisham Kishanani

What is Unified Access Control?

Enterprise networks are increasingly complex and mobile with a multitude of users including employees, guests, partners and contractors requiring access to critical business information from network endpoints that are poorly managed, unmanaged, and in some cases, unmanageable. Business requirements demand that these users and devices get access to resources and applications, but providing access without sufficient controls opens the enterprise to a number of business and security risks and compliance challenges.

Internally connected PCs and devices that are either unmanaged or ill-managed pose a number of security issues. To fully mitigate threats and control access to the network and specific resources within it, the security framework must consider these endpoints and users. UAC provides user identity management combined with endpoint intelligence for policy control and visibility throughout the network. The centrally located platform adds intelligence by seamlessly integrating into the LAN infrastructure without requiring switch upgrades or pre-installed client software.

Innovative access control technologies seek to combine end user identity and endpoint integrity. Some solutions only use part of this combination, such as authentication, and combine it with traffic examination to create something that resembles a check of endpoint security state; but it really isn’t. Others rely solely on endpoint security state without any ability to combine it with network-based traffic processing capabilities for access control. A true solution must have the means to combine user identity, device integrity, and location information with policy for comprehensive access control.

Are the dynamics of information security different for the banking sector?

India’s financial infrastructure has been transformed over the last 10 years and become technology-driven. Public and private sector banks have completely networked their operations, or are in the process of doing so, over the last three years. The speed of transactions and customer services have both improved substantially.

The category of access control has become one of the hottest areas in technology today, offering a variety of benefits, from protecting intellectual property and enabling regulatory compliance to ensuring the productivity of the enterprise itself. The category is still evolving.

The top three IT priorities for the BFSI segment are security, data warehousing and servers.

There’s more of malicious traffic and threats with every passing day. Is there a way out?

As cyber-security threats increase in volume and sophistication, organisations worldwide are seeking to enhance the protection of their networks, applications, endpoints, and users with best-in-class security solutions. Evolving cyber-security concerns include denial of service (DoS) and other network layer attacks, unauthorised access across the perimeter and within the organisation, application layer intrusions and attacks, both from within and outside the network, extended connectivity through remote access and extranets, an increase in unmanaged or ill-managed endpoint devices and new applications like VoIP, instant messaging, and peer-to-peer.