Datasheet
SmartPass 7.4 (continued)
2
Beyond Identity-based Networking
Trapeze Networks pioneered Identity-Based
Networking on wireless LANs and has several
fundamental patents related to managing ses-
sion keys across distributed databases spanning
multiple WLAN controller. These innovations
resulted in reliable, seamless campus-wide
layer-3 roaming across APs, even when the
APs are managed by different controllers. In
short the identity follows the client anywhere
it roams - indoors, outdoors, wherever.
With time however, it has become clear that
the unique elements of mobility, combined
with the shared media nature of Wi-Fi, calls
for even more intelligent management of
the privileges extended to different users.
Privileges should not be set once and then
forgotten. Instead they should be adjusted
dynamically, based not only on who they are,
but also on where they are, what they are
doing, what time/day it is, and ultimately
upon what others around them are doing too.
Once again, Trapeze is first to recognize and
address this need, and does so in a standards
based way, which takes advantage of existing
RADIUS infrastructure.
Dynamic Authorization
With SmartPass, you not only permit or
deny access based on user identity, but can
also change authorization attributes – what
resources the user has access to – on the fly,
based on changing conditions.
SmartPass works with your other network-
ing infrastructure equipment, such as RADIUS
to enable you to change access to network
resources for users based on dynamically
changing conditions or events. Such condi-
tions include the user’s physical location or
change in location, the user’s SSID (wireless
network name), after roaming to a new access
point, or based on meeting certain conditions
from RADIUS accounting, such as session life
or amount of traffic passed. A user’s access
privileges can be adjusted during the middle
of a networking session if desired.
Access Control Policies
SmartPass uses sophisticated Access Control
Rules (ACRs) or “policies” to enact dynamic
authorization. With ACRs the IT manager has
extensive flexibility over how they control and
change access for a user. Using a standards-
based approach (RFC 3576) SmartPass aug-
ments the existing RADIUS server to change
the client’s access to various network resources
based on location, time of day, user identity,
SSID, VLAN, accounting data, and more.
SmartPass can change authorization attributes
even during active networking sessions, and
invoke ACRs on demand, via the WEB API from
another application, or by time or date via the
built-in scheduler.
Location Integration
An essential ingredient for enabling location
aware policies, is instantaneous access to
accurate up-to-the-minute positioning data
for any client. SmartPass is the only wireless
Access Control software that is seamlessly
integrated with location. It uses position-
ing information obtained from the Trapeze
LA-200E Location Appliance to allow access
control and dynamic authorization based on a
user’s physical location.
The LA-200E provides real time location
positioning for any Wi-Fi device accurate to
within three meters. SmartPass adds location
information to the user’s RADIUS accounting
data enabling the network manager to invoke
policies such as accept/deny, change band-
width, or change allowed resources based on
the physical location or “locale” of the client.
Safe, Flexible Guest Provisioning
SmartPass provides industry leading guest
access functionality with precise control by
time-of-day, day-of-week, date range, and
duration. It includes pre-defined profile
templates for different guest types, including
guest passes for 1 hour, 12 hour, 24 hour, 5
days, 5 days - Business hrs only, and offers the
ability to create custom templates. SmartPass
also provides the ability to create guest
accounts in bulk, with intuitive or random
usernames. A pre-existing list of usernames
can be imported.
Advanced Access Control
Are you who you
claim to be?
Authentication
Can your device
be trusted?
End Point Integrity
Are you who you
claim to be?
MAC Addr, User ID,
Password, Keys
Still deserve
same access?
What access do
you deserve?
Identity, Posture,
Firewall, Encryption
Location, Time-of-day,
Bandwidth, Apps
Authentication
Authorization
Access Control
Conventional
Access Control
Access Control
with SmartPass