Multi-Tenant Network Security


Clients in a multi-tenant office environment expect that IT infrastructure should be ubiquitous, and that it should "just work" without them having to make any significant effort.

Providing such a service can be quite challenging, due to requirements such as:

  • Network security - Prevent the spread of worms and viruses between.
  • Plug-and-play networking - DHCP and DNS services should enable clients to just plug-in and get online.
  • Active Directory Support - Network must work with and not against a client's AD infrastructure.
  • Seamless Wireless integration - Ubiquitous wireless networking that integrate seamlessly with the wired network.
  • Flexiblily and mobility - Clients will want to access their own network segment from switch ports and wireless access points spanning a wide area.

FireRack has been designed from the outset to address these issues. This is how FireRack tackles these issues.

Network Security

The primary design goal with FireRack was to facilitate network segmentation in the most secure manner possible. Using the web-basd control panel, network administratores can create as many as 4096 network segments (or security zone) spanning as many switches, or wireless access points as they wish.

Each network segment has its own firewall policy, and IP subnet configuration. From a client perspective, a security zone behaves as a though it was a dedicated firewall, configured to suite that individual client.

Plug-and-play Networking

Each security zone can have its own DHCP configuration, tailored to the client's needs. Advanced DHCP featues required for (for instance) provisioning of Voice-over-IP handsets, such as Cisco and Polycom, are supported. All of this can can configured using just the web-based user-interface.