Avaya revs Identity Engines for more secure BYOD

Version 8.0 includes Ignition Access Portal for quickly identifying and configuring devices based on type and user

Network and security vendors such as Cisco, Juniper, and Enterasys are lining up at Interop this week with products aimed at easing security admins' BYOD-spawned migraines. Also in the queue: Today's release of Avaya Identity Engines (AIE) 8.0, designed to help organizations better secure and control who can access wired and wireless networks, as well as how they do it.

The move represents the struggling networking company's attempt to broaden its mobile strategy, which has included the Flare Experience -- a videoconferencing product to rival to the Cisco Cius -- followed by a Flare client for the iPad.

AIE 8.0, as part of Avaya Mobile Collaboration for Enterprise, boasts two new capabilities of note. One is Ignition Access Portal (IAP), which is capable of automatically registering and fingerprinting devices when they attempt to access an organization's network. The second is Ignition CASE Client (ICC), a client that covertly configures Windows devices to securely access the network.

The enhancements aim to address the increasingly common scenario where a guest or an employee tries to access a company network with a new iPhone, iPad, Android smartphone, or other mobile device. With the new IAP feature, Avaya Identity Engine can identify the device and the user based on his or her login credentials, "fingerprint" it, and register it accordingly, based on supplied policies.

For example, a sales manager logging on with a new, company-supported iPad or Windows laptop might instantly gain access to all the network resources to which he or she already has rights. However, that same user might gain only limited access when hopping onto the network with a personal, unsupported Android smartphone.

According to Avaya, Ignition Access Portal can be customized and deployed throughout the network and across geographical locations, based on an organization's needs.

The Ignition Case Client, meanwhile, is suited for situations when a guest on a Windows device needs secure, limited access to network resources. When a guest tries to gain access, the ICC agent goes to work, scrutinizing the device to gauge if it meets specific security requirements and, if necessary, configuring the device without revealing the necessary certificates or shared keys to the users. The configuration process takes seconds, according to Avaya, after which the CASE client disappears from the user's equipment.

The CASE Client supports only Windows with today's release, but according to Avaya, Mac support is forthcoming. A CASE client for iOS is not necessary, according to Avaya: "Customers should use the Apple ICU (iPhone/iPad Configuration Utility) [meaning the free Apple Configurator utility available from the Mac App Store] to create access profiles for iPads; [these profiles] are really XML files," the company tells InfoWorld. "These profiles can be posted on any intranet page or even via the access portal to make them available to employees through login."

This article, "Avaya revs Identity Engines for more secure BYOD," was originally published at InfoWorld.com. Get the first word on what the important tech news really means with the InfoWorld Tech Watch blog. For the latest business technology news, follow InfoWorld.com on Twitter.