An enterprise network typically includes a central site which is located at a particular physical location (e.g., a main office on a particular enterprise), and a number of remote physical sites which include their own local area networks (LANs). Each remote physical site (e.g., a branch office) includes one or more remote sites which communicate with the central site via the Internet. Among other things, network applications, data or services are often maintained at the central site. Among other functions, the central site is generally responsible for managing communications to and from a large number of wireless communication devices which can be distributed throughout the physical sites which are part of the enterprise network. In some cases, the central site can be responsible for managing thousands of wireless communication devices which can be distributed among the various physical and/or remote sites that make up the enterprise network (e.g., in retail environment). This way wireless communication devices located at the remote physical sites can access network applications, data or services which are maintained at the central site. For example, one common scenario would be where a user at the remote site wants to access data maintained at the central site (e.g., where a store clerk wants to inquire about availability of a certain product).
It is desirable to restrict access to certain network applications, data or services so that only “authorized” network users at the remote site can access them. At the same time, it is also desirable to allow other “unauthorized” network users to access the Internet and/or a limited portion of the network applications, data or services maintained at the central site via the WLAN at the remote site. For instance, in one scenario where the enterprise is grocery store chain, it would be desirable to allow guests or prospective customers who are at the store to access the Internet via a WLAN at one of the grocery stores that is part of the chain.
Accordingly, it is desirable to provide improved techniques for restricting access to applications, data and services maintained at a central site of an enterprise network. It is also desirable to give “unauthorized” users access to a limited number of services without allowing such unauthorized users to also access all of the network applications, data or services maintained at the central site. Furthermore, other desirable features and characteristics of the present invention will become apparent from the subsequent detailed description of the invention and the appended claims, taken in conjunction with the accompanying drawings and this background of the invention.