With a suite of features to identify users, devices and applications and to control the access and privileges they get on your network, Mojo provides a comprehensive solution to enforce context-based policies and protect your network from abuse in today’s world of BYOD and IoT.
Integration with Google® G Suite
If your organization uses Google G Suite for business or education, you can enforce an additional layer of security for WiFi users with Mojo’s integration with Google G Suite. No additional hardware, software or license is required. Regardless of whether you are using PSK or 802.1x for authentication, you can enforce network access control for WiFi users and devices based on users’ Google account privileges and organization unit (OU) membership.
Role Based Control
Role based controls can be enforced on a per SSID basis. You can create role profiles to match roles configured in your RADIUS server, Google G Suite or both. Rules of precedence can be used to combine settings defined in a role profile and SSID, and enforce policies in terms of role attributes such as VLAN access, firewall rules, application firewall rules, per user bandwidth control and redirection to a captive portal.
If your organization uses Bonjour based services such as Apple® AirPlay, AirPrint and file sharing, Mojo APs can be configured as a Bonjour Gateway to allow WiFi clients to discover and access those services across VLANs. This feature can be enabled on a per SSID basis and works for both static and dynamic VLANs.
Stateful L3-L7 Firewall
Mojo APs can enforce SSID-based rules for inbound and outbound traffic based on host or domain name, IP address, port number, protocol, e.g., UDP, TCP, and applications. Leveraging the in-built application visibility engine, rules can be defined to block or allow specific applications, e.g., Minecraft, or an entire category of applications, e.g., Games, or to mark applications with DSCP for appropriate handling at the network layer.