HC Networks Launches New Version of Authentication Appliance 'Account@Adapter+ V7' with Automation from Certificate Issuance to Network Connection

HC Networks Co., Ltd. (Headquarters: Taito-ku, Tokyo; President and CEO: So Tanaka) will begin offering 'Account@Adapter+ V7 Ver. 7.04' this autumn. This new version of its self-developed and sold authentication, account management, certificate issuance, and DHCP appliance 'Account@Adapter+ V7' implements a new flow that automates everything from certificate issuance to network connection, strengthening its ability to meet increasingly sophisticated and diverse network authentication requirements.

■ Background

In recent years, the adoption of certificate-based authentication, which does not rely on IDs/passwords or MAC addresses, has been progressing in network authentication, with an increasing number of companies considering its introduction. However, the issuance and distribution of certificates, device configuration, and migration from existing environments place a heavy burden on both administrators and users, posing a barrier to adoption.

To reduce the administrative burden, our company has previously provided a 'Certificate Import Tool' that allows users to proactively apply for and obtain certificates. However, in environments where users' IT literacy varies, operations dependent on user actions presented challenges, and a simpler mechanism for deployment and operation was needed. Therefore, this version implements a flow that eliminates user operations, automating the process from certificate issuance to network connection.

Furthermore, as security guidelines and industry standards continue to be developed, the requirements for network authentication and wireless LAN design are becoming more advanced and diverse. Based on this background, this version reduces the construction and operational load of certificate authentication while also expanding control functions to meet diverse authentication requirements.

■ Main New Features of Account@Adapter+ V7 Ver. 7.04

◇ Automation from Certificate Issuance to Network Connection Without User Operation

This feature implements a flow that eliminates user operations and automates the process from certificate issuance to connection, reducing the deployment and operational load of certificate authentication even in environments where users' IT literacy varies.

Specifically, by simply distributing the Certificate Import Tool (application) to devices via Active Directory or asset management tools, the program automatically executes triggered by device startup, completing the process from certificate issuance to import onto the device and network profile configuration without any user intervention.

This significantly reduces the operational load of configuration work and inquiry responses for both administrators and users, providing a certificate authentication infrastructure that is realistically deployable even in large-scale environments.

Furthermore, our company offers a comprehensive construction support system, providing support tailored to the deployment phase, from support by our SEs to customer-led construction. We also provide numerous design guides (configuration procedure documents) tailored to the desired configuration and requirements, allowing customers to proceed with the migration of RADIUS servers or transition to certificate authentication methods with confidence, from design and construction to the start of operations. We will continue to expand our construction support and related documentation to accommodate diverse environments and requirements.

A demonstration of this feature is planned for 'Interop Tokyo 2026'. You will be able to see the automated flow from certificate issuance to network connection on the actual screen, so please visit our booth if you are interested.

◇ Flexible Wireless LAN Design with Per-SSID Authentication and Network Attribute Control

This version incorporates the following three new functions:

- Function to specify allowed authentication methods for each SSID
- Function to specify the account database to be referenced for each SSID
- Function to change the network attributes to be responded for each SSID

The first function, which allows specifying allowed authentication methods for each SSID, enables flexible configuration of authentication methods according to the requirements of each layer, even in environments where networks are completely separated, such as the three-layer separation in local governments, realizing network authentication in line with security policies.

The second function, which allows specifying the account database to be referenced for each SSID, makes it possible to use different authentication infrastructures appropriately for each SSID, such as an external Active Directory for the internal SSID and an internal DB for the guest SSID. This allows efficient operation of multiple user categories or separated AD environments on a single authentication platform.

The third function, which allows changing the network attributes to be responded for each SSID, enables both user-based dynamic VLAN (DVLAN) control and SSID-based fixed VLAN control to coexist on the same authentication platform. This realizes flexible wireless LAN design tailored to actual operations such as BYOD, guests, test environments, and migration periods.

By strengthening the authentication control functions for each SSID in this way, we can now provide a more flexible and practical network authentication infrastructure for customer environments with diverse industries, scales, and operational requirements.

◇ Network Attribute Control Using Client Certificate Information

This version also implements an access control function based on certificate attribute information.

This function allows dynamic control of VLANs and various network attributes by referencing the subject information (CN, OU, O, etc.) contained in the client certificate. This enables granular access control based on the type of user or device, affiliated organization, etc., even within the same SSID. Furthermore, it enables advanced segment separation without increasing the number of SSIDs, realizing practical wireless LAN design utilizing certificates.

◇ RADSEC Support for Secure RADIUS Communication in Cloud Wireless LAN Environments

This version supports RADIUS over TLS (RADSEC) to enhance compatibility with cloud-managed wireless LAN environments. RADSEC encrypts RADIUS communication with TLS, enabling secure authentication communication even in configurations that go through cloud environments or external networks. This provides a RADIUS authentication platform that is easy to operate with peace of mind, even in environments where the use of cloud-managed wireless LANs and managed network services is progressing.

■ Product Page Information

For various functions and details of Account@Adapter+ V7, please visit the following URL.

Product Page URL: https://www.hcnet.co.jp/adapter/accountadapter.html

■ About HC Networks Co., Ltd.

As an integrated IT infrastructure vendor, HC Networks challenges the possibilities of IT and demonstrates the power to create the future. With the technical capabilities cultivated over 40 years since its founding in 1981, it provides unique value through its self-developed products in servers, networks, security, cloud, virtualization, work style innovation, and operation services.