SessionsTracker™ is a fundamental component of SafeConnect and IdentityConnect which tracks and correlates device session information in real-time. SessionsTracker™ unifies session management of “start”, “stop” and “update” information and data from network sources in a timely and accurate manner. SessionsTracker™ correlates information from “flow based” technologies like “Netflow” and “Sflow”, as well as control protocol services such as RADIUS and DHCP to maintain a “session” for the duration of time a device is active on the network. SessionsTracker™ enables SafeConnect to collect and correlate supplemental data (such as an identity-username or device type) from additional sources available on the network.
SessionTracker™ adds unique functionality which powers client life-cycle processing, keeping track of the user session as it travels from access point to access point–maintaining persistence and identity and eliminating cumbersome re-authentication. The feature also manages potential IP changes, freeing resources no longer needed as devices move in dynamic network environments. SessionTracker™ has been designed by Impulse Point “from the ground up” with dynamic, highly dense networks in mind.
The explosion of mobile devices, coupled with advances in wireless technologies and readily available cloud-based applications, has driven a fundamental computing shift within large network environments. Today nearly everyone has a smart phone, a laptop computer, and/or tablet in addition to other network-ready devices—which has created the need for IT organizations to implement higher density wireless networks to support the escalating volume of mobile devices.
The number and diversity of mobile devices in any corporation, hospital, college campus, or school district has exploded – easily tripling the number of devices seen just a few years ago. This puts tremendous pressure on IT infrastructure; as devices are added more resources are used, more bandwidth is consumed, more IP addresses are allocated and re-cycled, and more wireless access points are required to handle the increased density. The ability to successfully identify device types, ascertain the identity of the user, and maintain a positive user experience while roaming has also become a formidable challenge. Additionally, organizations are being challenged with the task of correlating device and user identity over time across their networks for regulatory compliance; security forensics purposes; and identity-based web content access and bandwidth management policies.
In the past, most institutions did not track identity-to-device information. This was mainly because the trend of long-term single location wired computing provided enough consistency to address the need to identify users and devices. Administrators could safely assume that should an event occur, the user would be easily identified, as the identifiable information would not have changed. With nearly all devices connecting wirelessly, this is no longer the case.
Today, virtually all wireless systems employ the ability to export authentication and/or device specific data like RADIUS Accounting. However, RADIUS Accounting was implemented over 15 years ago and was not designed or intended to address today’s constantly roaming mobile environment.
Wireless controllers will attempt to publish RADIUS Accounting information as clients roam, connecting from controller to controller; however, the result of all this communication must be analyzed. No definitive information exists indicating where a client is (in relation to the network) and how long the client has been attached. To solve this problem, Impulse Point has developed SessionsTracker™.