Founded in 1986, Iberostar Hotels & Resorts is a world-class Spanish hotel chain that operates globally and specializes in 4 and 5-star all-inclusive resorts and luxury hotels. As a validation of Iberostar’s commitment to excellence, many of its hotels have been awarded the prestigious “Travelers’ Choice” award by TripAdvisor. Iberostar’s resorts are known for their pristine beaches, impeccable services, and professionalism, providing tourists and travelers from all over the world with an unforgettable vacation experience.

Image Source: Iberostar Hotels & Resorts

In recent years, providing Wi-Fi has become a norm in the hospitality industry – a service expected not as a luxury, but as an amenity. However, faced with large numbers of concurrent users, increasing number of mobile devices per user, and increasingly bandwidth-hungry applications, many hotels quickly realized the need for user and network management. The Iberostar resorts in the Dominican Republic (Iberostar Bavaro Suite, Iberostar Dominicana, Iberostar Punta Cana, Iberostar Grand Hotel Bavaro, Iberostar Hacienda Dominicus, and Iberostar Costa Dorada) were confronted with the same issues, and set out to search for a feasible and cost-effective Wi-Fi solution. The fundamental requirements defined by Iberostar’s management team were detailed user authentication, role-based policy assignment, and quick account generation, all of which were aimed at addressing the deluge of smartphones, tablets, and other Wi-Fi enabled devices.

After evaluating 4ipnet’s proposed solution, Iberostar’s team found that it could fulfill all of their needs, and was very pleased with the results. They decided to deploy WHG711 Wireless LAN Controllers and HSG1250 Hotspot Gateways across the six Dominican Republic resorts, with each controller accompanied by a wireless ticket generator set that would help front desk staff quickly print account credentials for guests. At the touch of a button, tickets with login credentials and matching QR codes could be printed, allowing guests to connect to the network without the troublesome login process.

The primary issue that 4ipnet’s solution resolved was unauthorized Internet access, which was a major point of concern for Iberostar from the security and reliability standpoint. After the 4ipnet system went online, every user was required to authenticate before accessing the hotel network, regardless of being a guest or hotel staff. Users would then be applied different usage policies such as firewall rules or bandwidth limitations depending on their pre-assigned role. Finally, the hotel could limit the usage time for each guest account. The fine-grained user control and network management features helped Iberostar maintain a secure and high performance public Wi-Fi environment.

Other features found useful by Iberostar included the customizable captive portals and built-in billing plans. Customizable captive portals allowed each resort to tailor the user login pages with their own logo and visual identity. At the same time, the on-demand account billing plans allowed the hotel to monetize Wi-Fi, turning its wireless network into an additional revenue stream for increased ROI. In summary, 4ipnet’s WLAN solution not only greatly enhanced the hotel network’s security and performance, but also dramatically improved customer experience. Keeping guests happy and returning with quality Wi-Fi service was Iberostar’s primary objective, and 4ipnet’s solution helped accomplish that feat.

Download the case study here:



WHG Wireless LAN Controller Buyer's Guide

Why should you buy the WHG controller? Read this guide to understand what the WHG has to offer and why you should buy it! For more product information, please visit our new website at www.4ipnet.com



4ipnet's New Website Officially Online!

Dear readers, we're happy to announce that our new website has just been released! The new website comes with a more stylish, professional look and the information is clearly presented.  We hope you'll like it! Check out here: www.4ipnet.com If you have any suggestions regarding the website, please let us know! Below is a snap shot of the main page.



4ipnet Teams Up with NTT-AT to Deploy Enterprise-grade Wireless Infrastructure at Aoyama Gakuin University for Extended Wi-Fi Access

Through its partnership with NTT-AT, 4ipnet successfully delivered a comprehensive and competitive wireless LAN solution for higher education.

4ipnet, a leading provider of competitive and comprehensive wireless LAN solutions for meeting tomorrow’s Wi-Fi demands, today announced that it has delivered a revamped wireless infrastructure to Aoyama Gakuin University in Tokyo, Japan to address increasing BYOD needs. Designed and implemented by 4ipnet’s partner NTT Advanced Technology (NTT-AT), the solution aimed to enhance the mobility and e-learning experience at the university, and turned out to be a great success.

Proud of its 130-year history, Aoyama Gakuin University relocated its campuses in Aoyama and Sagamihara in 2013. The university consists of 9 undergraduate departments, 12 graduate schools, and more than 20,000 students in total. In recent years, the dramatic increase in usage of smartphones and tablets on campus have put an unpredicted amount of stress on the university’s existing WLAN infrastructure, resulting in poor Wi-Fi connectivity. Although the university realized that upgrading the WLAN infrastructure was necessary, providing a reliable Wi-Fi service for over 20,000 students was not an easy task. In addition to controlling the total cost of ownership, the deployment was expected to be time-consuming and difficult. Therefore, the university began its search for a solution that could provide reliable wireless access under a limited IT budget.

Mr. Mishima, an Assistant Professor from the Institute of Information and Media, recalls the situation: “In 2009, we deployed some APs, but only in certain public areas such as dining halls and common rooms. Since professors and students were increasingly using notebooks or tablets in lectures, they needed high performance Wi-Fi.” Acknowledging the need for an infrastructure upgrade, Mr. Sakata, a Research Associate and colleague of Mishima’s, consulted with NTT-AT on how to address these Wi-Fi needs, and was extremely surprised by the response he received.

“First, I asked about the deployment in classrooms. The number of APs and the plan given really amazed me! They were very precise about where the APs should be deployed through simulation of the building structures and calculating radio wave interference based on the floor plans. I never imagined that this was possible! We held an on-site investigation later on, but the results were almost the same as the original suggestions.” Sakata continued, “The proposed 4ipnet APs were very attractive in terms of cost performance. Therefore, we could increase the number of APs without exceeding the budget, and extend the Wi-Fi coverage beyond what we had originally imaged. Moreover, we realized that it is possible to deploy more APs when necessary, as the network is very scalable.”

“The pressure from students and faculty members has been substantially relieved. The achievement was not only due to the high performance of deployed APs, but also the optimized placement locations,” said Sakata with a smile. “They helped us think in the shoes of the actual Wi-Fi users, and provided us with accurate, concise, and flexible feedback. This is the most important reason why we can rely on them.”

Through its partnership with NTT-AT, 4ipnet has successfully delivered a fully-featured and .competitively-priced WLAN solution to Aoyama Gakuin University. After the deployment, the number of Wi-Fi related complaints has drastically decreased, reflecting both the reliability of 4ipnet’s solution and the high quality of initial deployment planning. With BYOD becoming ubiquitous and mobile usage rising rapidly, institutes of higher education will find that 4ipnet offers a flexible and effective managed wireless network, catering to all types of needs and situations.

<About 4ipnet>

4ipnet is a global wireless network infrastructure provider for manageable, reliable and secure Wi-Fi access. The firm’s comprehensive product portfolio seamlessly unifies wireless and wired network access for all types of public Wi-Fi settings, ranging from small-sized hotels to large-scale enterprises. In an increasingly mobile-centric and data-driven environment, 4ipnet offers organizations affordable and competitive solutions to meet evolving capacity and performance demands while reducing total cost of ownership. For more information, please visit http://www.4ipnet.com or contact sales@4ipnet.com


4ipnet Wireless Access Point Optimization Part 8 of 8

Today we're putting an end to the wireless access point optimization series by introducing DHCP snooping and layer 2 firewall. Thanks for following through!

DHCP Snooping

In order for a device to begin using network services after connecting to an access point, it must first obtain an IP address from the network’s DHCP server. This is a point of vulnerability, as attackers can install their own DHCP server and assign clients arbitrary IP addresses and default gateways. In the worst case, a rogue DHCP server controlled by a hacker could potentially cause network administrators to lose control of their entire network, which is a major security flaw.

The DHCP SNOOPING feature on 4ipnet APs prevents this type of network failure by allowing network administrators to specify the IP and MAC addresses of trusted DHCP servers. As a result, the APs will filter out DHCP messages from unrecognized servers, preventing them from ever reaching client devices. Although DHCP attacks are typically not as big of a concern for small-sized networks, enterprise and government networks requiring the tightest of security measures will find DHCP snooping to be a beneficial added-layer of security.

Layer 2 Firewall

For security purposes, network administrators may sometimes want to block specific types of traffic directly at the access point, preventing them from ever reaching associated wireless devices, such as applications running on specific ports, or traffic originating from specific IP addresses. For example, if a school discovers that students are using the school’s network to play online games during class time, the school may want to block the port(s) that are used by the game to serve content. To address requirements such as these, 4ipnet access points are equipped with a LAYER 2 FIREWALL feature that help network administrators enforce usage policies.

Although firewall features are also available on 4ipnet wireless LAN controllers, there are a few major reasons for blocking packets directly at the network edge (at the access points):

Figure: Layer 2 Firewall can be configured to prevent unnecessary traffic from entering the wireless medium, improving overall performance

  1. Specific types of packets from the wired end of the access point will not be flooded out onto the wireless medium, decreasing interference and increasing overall wireless throughput.
  2. Malicious traffic from wireless clients can be blocked before ever entering the network, limiting the amount of potential damage.
Series Conclusion:

By introducing the various performance and security features on 4ipnet access points, the difference between consumer and enterprise-grade APs should now be much clearer – many of these features deal with applications and usage scenarios only found in large-scale deployments. In today’s smartphone and tablet environment, it is not uncommon to see an average of five to ten Wi-Fi enabled devices in traditional households. However, public Wi-Fi hotspots such as coffee shops, hotels, or office buildings may have ten times that amount or even more. The need for enterprise-grade APs is real. Enterprises and organizations have to address the ever increasing number of mobile devices and the seemingly insatiable desire for bandwidth. 4ipnet’s wireless LAN solution is well-aligned to help organizations of all types and scales face this rapidly evolving Wi-Fi landscape.



4ipnet Wireless Access Point Optimization Part 7

Good day! Today let us continue the wireless AP optimization series with "station isolation".

In many Wi-Fi environments, it is not uncommon to see upwards of twenty or thirty devices connected to a single access point. Allowing direct communication between these clients would be a security concern for network operators, as malicious traffic from one client could potentially affect another. The STATION (CLIENT) ISOLATION feature on 4ipnet APs allows network operators to prevent devices connected to the same AP from communicating with one another, essentially creating a virtual network per client.

Station Isolation prevents direct communication between clients on the same AP
Imagine that you have a bunch of strangers connected to the same access point in a coffee shop, all of whom are assigned IP addresses by the same DHCP server, which usually means that they are on the same network (subnet). If a user were to have file sharing turned on (e.g. Windows-based system), then all of the other users on the network would be able to browse the files of the exposed system. So while the user may have only wanted to get coffee and browse the Internet, he/she actually ended up sharing all of his/her personal documents to every other coffee-goer. This illustrates why Station Isolation is a crucial security feature, and why it is imperative for network administrators to enable the feature, especially when providing public Wi-Fi service.