By Michelle McLean
In recent posts, we’ve been discussing the reality of LAN sprawl – the multi-dimensional growth of users, applications, and devices – and the challenges of maintaining control in such a dynamic environment. Context, with a full understanding of who’s doing what, is key to regaining that control.
One of the primary attributes of context is user identity. The question of “who” is doing the activity, particularly tied to the role or roles of that user, is one of the most critical elements in enabling appropriate access control.
Analyst firm Gartner has also been talking about the role that identity must play, particularly in the recent report entitled “Introducing the Identity-aware Network.” In that report, Gartner analysts write:
“... because networks are blind to a user's identity, the risk is that users "see” applications that they are not authorized to access. For example, a contractor who has been granted network access could 'go exploring' (undetected) and attempt to access sensitive information.”
Gartner goes on to recommend that organizations make their networks identity aware, noting:
“Network managers can add identity-aware networking solutions to the network infrastructure. If they are deploying a new network infrastructure, then they should consider newer infrastructure solutions that embed identity-aware technology."
Why do organizations need identity in the LAN? Gartner cites these key drivers...