What is an Access Controller?
An Access Controller is a piece of hardware that is installed in-line on an Ethernet cable segment to intercept all user attempts to pass through it. The Access Controller takes over the user's session and redirects their browser window to a login page called a "captive portal" web page where a valid user name and password must be entered.
The Access Controller is introduced between wireless (or wired) users and protected resources (like access to the Internet). The Access Controller presents the user login screen and confirms that the user is authorized to access the network (normally by communication with a RADIUS Authentication Server). If you want to have guest or visitor access to a network, or if you want to build a free, pre-paid, or subscription service HotSpot you require an Access Controller to control access and manage user sessions.
An Access Controller also addresses the issue of a private network where the dynamics of the user community make it unreasonable to account for each user's computer. Examples include network access for students at a college or university, access to the Internet for visitors in a corporate conference room or reception area, easy access to network resources for out-of-town employees who bring their own computers to the main office, and other situations where it is desirable to grant controlled network access to visitors and guests (but you don't want them to have to make configuration changes to their computers in order to authenticate and access the WLAN).
When a user first brings up their web browser they attempt to reach some particular web page, the user's machine issues a DNS ("Domain Name Service") request to lookup the IP address of the specified domain ("home.com"). The Access Controller takes over the user's session and returns the IP address of the login page on the site owner's web server (shown as "www.loginPage.com").
The user is now required to enter their userid and password, if they are authorized, software running on the loginPage.com web server notifies the Access Controller that the user is valid, and the user's connection proceeds normally. The web page to which the user is initially directed to is commonly referred to as a "captive portal" since the user can go nowhere else (they are "captured") and the page is the only way out to the rest of the network (it acts as a "portal").
Additionally this login page may provide access to what is commonly referred to as a “Walled Garden”. This term refers to a list of specific web URL's that can be reached through an Access Controller (and under the control of the Access Controller) before the user logs in. For example, in a hotel network the Walled Garden may include the hotel's own website, a local city guide site, and a weather site. A corporate Walled Garden may include access to web pages showing the current schedule, emergency information, or building maps.
|
