A Fortune 500 organization is looking to strengthen the security of their wired LAN. All security implementations need to be managed centrally, and permit corporate-owned devices to access the intranet and restrict other devices to access Internet only. What is your suggestion?