BOULDER, COLO. – December 19 2018 – JumpCloud®, the first cloud-based directory service, announced today the addition of VLAN assignments to their RADIUS-as-a-Service offering. Now, not only can end users securely authenticate against JumpCloud’s cloud directory for their network access, but they can also segment their network with VLAN (virtual local area network) assignments.
A VLAN allows IT admins to better manage network traffic by segregating collections of users and their devices. The result is better security and more control over which network resources users can access. Cloud RADIUS services are a core feature of the broader JumpCloud Directory-as-a-Service® platform, which secures access to systems, apps, files, and infrastructure in addition to networks.
The concept is simple. Users should only be able to access the IT resources that they are authorized to use. Making segmented VLANs allows IT organizations to isolate users from devices and IT resources.
Historically, on-prem equipment such as RADIUS servers and the identity provider were needed to integrate with the networking infrastructure. With JumpCloud’s announcement of cloud hosted VLAN assignments (also known as dynamic VLAN tagging), there is no equipment required on-prem beyond an organization’s WAPs (or switches).
“It’s exciting to release features that allow our customers to increase their organization’s security posture,” said Scott Reed, Solutions Architect at JumpCloud. “Per-user VLAN tagging using JumpCloud’s RADIUS-as-a-Service reply attributes can now be used to drastically improve network security by reducing the overall attack surface. In addition to RADIUS reply attributes, we have enhanced our Multi-Factor Authentication workflows, full disk encryption offering and OS update policies to help meet the needs of our users. Cloud-hosted RADIUS, with the ability to serve per-user VLAN reply attributes, is yet another way JumpCloud is making security easier for organizations to implement.”
VLAN attributes allow network administrators to provision access to resources depending on the user’s needs or department. Individual users and groups of users alike are assigned to VLAN segments within a RADIUS server. When logging in, user credentials are passed through a WiFi access point to the JumpCloud virtual RADIUS infrastructure and are then verified with the on-board cloud identity provider (IdP). After this, the JumpCloud RADIUS server attaches what is known as a RADIUS reply attribute, which ensures that the user is authenticated to the network and assigned to the correct VLAN.
“We’re constantly on the lookout for new, high impact ways to increase our security,” Michael McLaughlin, Head of IT with Better Mortgage. “JumpCloud’s new cloud RADIUS reply attributes functionality really streamlines network segmentation, helping us to have more control over our network and take security to the next level.”
Organizations such as Better Mortgage gain efficiency and security with a networking solution that’s integrated with their identity provider. Directory-as-a-Service doesn’t just help segment their networks, it unifies identity management across systems, apps, and infrastructure too.
JumpCloud’s cloud VLAN assignment functionality is available immediately as part of its cloud directory service.
JumpCloud, the first Directory-as-a-Service platform, is Active Directory® and LDAP reimagined. JumpCloud securely manages and connects user identities to their systems, applications, data, and networks. Get started with JumpCloud’s cloud-based directory service at jumpcloud.com.