August 25, 2003, 10:37 AM — Network administrators at enterprises with mobile employees who move between multiple kinds of networks will be able to set policies to control that usage with the next version of NetMotion Wireless Inc.'s NetMotion Mobility software, which was announced Monday.
For each type of network, those policies will be able to control which applications employees can use and whether they can access servers, according to Paul Brickel, senior product manager at NetMotion in Seattle. That can improve employees' productivity by blocking slow downloads and non-work-related uses, as well as saving the enterprise money on precious cellular data bandwidth, said Steve Cullen, NetMotion president and chief executive officer.
The proliferation of networks available to employees at work and on the road raises questions for network managers about securing data and maintaining worker productivity while keeping costs low, Brickel said. NetMotion's software is designed to make it easier for users to roam among networks, including wired LANs, wireless LANs, cellular networks and dial-up access, and for administrators to manage the use of those networks. Among other things, it lets employees keep network-dependent applications running as they roam from a wireless LAN in the office to a cellular network such as GPRS (General Packet Radio Service) outside.
Until now, NetMotion Mobility has left the door open to users running any application on any kind of network connection. With version 5.0, NetMotion is introducing an optional add-on module for policy management that will let IT managers control what employees can do on each kind of network.
For example, an administrator may not mind if employees surf the Web on a wireless LAN in the office because that network has plenty of bandwidth. However, if that employee leaves the office and switches over to a GPRS card on the same notebook, downloading pages may hog bandwidth that the mobile operator charges for on a per-bit basis. The administrator could write a policy that says HTTP can't be run on the GPRS connection, Brickel said.
Likewise, to meet security requirements, a policy could be set to prevent access to a sensitive internal application via wireless LAN, he said.
Once they have been set on a server, policies are sent out to devices, so they can be enforced there and traffic doesn't have to traverse the network to a server before a decision is made, Brickel said. Policies can be set for a whole class of devices or for classes of employees and customized for individuals, or set specifically for one user.
If a device is stolen, administrators will be able to remotely set a policy on that device that says it can't access any networks, Brickel said.