Network Access Control (NAC)
Identity-based NAC with IPS and SIEM Integration
Product Overview
Enterasys Network Access Control (NAC) is a complete standards-based, multi-vendor
interoperable pre-connect and post-connect Network Access Control solution for wired and
wireless LAN and VPN users. Using Enterasys NAC Inline Controller, NAC Out-of-Band Gateway
appliances and/or NAC Out-of-Band Gateway Virtual Appliance with NMS NAC Manager
configuration and reporting software, IT administrators can deploy a leading-edge NAC solution
to ensure only the right users have access to the right information from the right place at the
right time. Enterasys NAC is tightly integrated with the Enterasys Intrusion Prevention System
(IPS) and Enterasys Security Information and Event Manager (SIEM) and Enterasys Network
Management Suite (NMS) Automated Security Manager to deliver best-in-class post-connect
access control.
The Enterasys NAC advantage is business-oriented visibility and control over individual users and
applications in multi-vendor infrastructures. NAC protects existing infrastructure investments
since it does not require the deployment of new switching hardware or that agents be installed on
all end systems. Enterasys NAC performs multi-user, multi-method authentication, vulnerability
assessment and assisted remediation. It offers the flexibility to choose whether or not to restrict
access for guests/contractors to public Internet services only—and how to handle authenticated
internal users/devices that do not pass the security posture assessment. Businesses have the
flexibility to balance user productivity and security. The NAC assessment warning capability
alerts users that they need to upgrade their system but can allow a grace period before they
are quarantined.
Enterasys NAC policies permit, deny, prioritize, rate-limit, tag, re-direct, and audit network
traffic based on user identity, time and location, device type, and other environmental variables.
Enterasys NAC supports RFC 3580 port and VLAN-based quarantine for Enterasys and third-
party switches, plus more powerful isolation policies (which prevent compromised endpoints from
Benefits
Business Alignment
• Protectcorporatedatabyproactively
preventingunauthorizedusers,
compromisedendpoints,andother
vulnerablesystemsfromnetworkaccess
• Effectivelybalancesecurityandavailability
forusers,contractorsandguests
• Proactivelycontrolthesecuritypostureof
alldevicesonthenetwork
• Efcientlyaddressregulatorycompliance
requirements
• Cost-efcientprotectionforenterprise
remoteofces
Operational Efficiency
• Leverageexistingassessmentservers,
authenticationservers,softwareagents
andidentitysourcesavoidingforklift
upgrades
• Enablebusinessstafftoeasilysponsor
guestsandvalidateguestregistration
•Protectphysicalandvirtualized
environmentswithexibledeployment
optionsincludingappliancesandvirtual
appliances
Security
• Enablethestrongestsecuritywithne
grainedaccesscontrolbasedonuser,
device,time,locationand
authenticationtype
• Assessendsystemsofanytypefor
vulnerabilitiesorthreatswithagent-based
oragent-lessassessmentincludingthird
partytools
• Automateendpointisolation,quarantine
andremediation,plusongoingthreat
analysis,prevention,andcontainment
Service and Support
• Industry-leadingrstcallresolutionrates
andcustomersatisfactionrates
• Personalizedservices,includingsitesurveys,
networkdesign,installationandtraining
Completesolutionfeaturingin-
line,out-of-bandappliancesand
virtualout-of-bandappliance
Open,standards-based
architectureandopenAPIs
Comprehensivedashboard
reportingandadvanced
noticationengine
Managedguestaccesscontrol
withsponsorship
Uniedpolicymanagement
inheterogeneouswiredand
wirelessenvironments
There is nothing more important
than our customers.
DATASHEET
Commentaires sur ces manuels