A typical Wi-Fi network in a hotel has multiple SSIDs, which are associated with different static VLANs. One open access SSID is for guest use, another open access one is for conference rooms, and the encrypted SSID is for hotel staffs. VLAN segmentation ensures guests’ traffic not to interfere with hotel’s operation and administration traffic. This sounds reasonable and satisfactory from hotel operators’ perspective. Nevertheless, it is unacceptable from guests’ perspective. Here are some security and performance concerns.
- Potential Security Breaches – All guests’ devices are assigned to the same VLAN when they are connected to the guest SSID. Therefore, they are all exposed to security breaches. When installed with special software downloaded from the Internet, any Wi-Fi device that is connected to the same SSID can begin eavesdropping and data snooping on other guests’ devices. Their identities including banking information, social network IDs, email, and other private traffic, will be intercepted. Literally, all useful details are revealed to anonymous hackers.
- Worst Casting Experience – To watch their own favorite programs in better video quality, more and more travelers now stream from the mobile devices using their own video subscriptions like Netflix, Hulu, DirectTV Now, and etc. When hotels have smart TVs installed in the guest rooms, guest can cast the video to the smart TV. Unfortunately, this is hardly achievable when guests are assigned to the same VLAN because guests will be unable to know which TVs should be paired with their mobile devices.
- Excessive Broadcast/Multicast Traffic – Wi-Fi traffic is congested when multiple Wi-Fi devices are broadcasting or multicasting in the network. Airtime efficiency will be significantly degraded and overall network bandwidth will be decreased. Subsequently, Wi-Fi users will have slow throughput, video streaming will be intermittent, and voice calls will be dropped.
All these challenges can be resolved with the dynamic VLAN assignment, which is the key technical differentiator of Samsung Analytics Billing & Security (SABS). When the hotel Wi-Fi is equipped with Samsung SABS, all devices from every guest will be under the same VLAN dynamically assigned when he signs up. In other words, all guests will be on separate VLANs. Hence, a personal area network (PAN) is established and only his own devices are in this private network. No more data snooping from hackers, no more broadcast/multicast traffic from other guests, and casting experience will be viable. Now guests can enjoy their own favorite show on the big smart TV in his room without any concerns about data breaches.
Beyond that, there are more technical and financial advantages of SABS.
- Fully Integrated Solution – SABS provides all required network elements for hotel in a single hardware. RADIUS servers, captive portal, firewall, gateway, billing server, and PMS integration.
- Less SSID configuration – With dynamic VLAN, there is no need to configure multiple SSIDs for different purposes. VLAN assignments will be based on the groups and policies defined in SABS.
- Traffic monitoring and alarm upon critical events – All data traffic will be monitored and recorded in SABS. In case of any policy violations such as data snooping, privacy intrusion, and illegal P2P downloads, an alarm will be triggered and configured security measures will take place. Client devices can be quarantined temporarily or permanently, and associated accounts can be suspended.
- Improved success rate of monetization opportunities – Revenue generation from the Wi-Fi network will be more application driven and behavior targeted. The data plan and coupon code will be tailored based on users’ application usage and browsing history so that the success rate will be improved substantially.
- Network efficiency optimization – With the awareness of applications and their respective usage, the bandwidth can be adjusted dynamically between APs so that the overall efficiency can be optimized. More bandwidth can be allocated to support more streaming services, while other non-data hogging applications are not comprised at the same time.
With guests’ increasing demands for more secure Wi-Fi network and better video casting experience, hotel operators need to have dynamic VLAN assignment on their network and SABS is the right solution.