NAC is an access control solution for the organizational network, allowing enforcement of
information security policy over all network-related components.
The Challenge
In today’s business reality, where the organizational network is accessible from anywhere
and the number of consumers, devices and IoT products connected to it is growing rapidly, it
is essential to implement an access policy for the organizational resources and to instantly
neutralize any unfamiliar or malicious entry attempt to the network pointed to exploit security
vulnerabilities and to cause financial or reputational damage to the organization.
To prevent unauthorized hostile access to the organization’s resources, it is required to have
the ability to identify any endpoint devices trying to connect to the organizational network
and to allow entrance and access to them solely after an injective authentication, subjected
to the security policy determined by the organization.
In any case that the endpoint device fails to be in line with the policy, it is crucial to neutralize
the attempt and block it in real-time.
Solution
Network Access Control solution implements access control for the organization-network,
utilizing software tools provided by the biggest manufacturers; these tools identify devices
and IoT products attempting to connect to it. The identification and authentication processes
are being executed on different layers and advanced protocols (802.1x, amongst others),
and the devices are classified as authorized or malicious.
Main Features
– Identifying devices through SNMP, 802.1x, MAC Address and other protocols.
– Reach (Rich?) profiling of numerous devices.
– A solution in the form of “Always Closed”.
– A solution that doesn’t require implementing an agent (Agentless), bind with a
solution that supports installing an agent on the endpoint station for stronger and
safer authentication while keeping it continuously compliant.
– A solution that supports a great number of manufacturers, devices and IoT products.
– A solution that supports Incident Response capabilities provided by integrations with
3 rd party products.
After examining the technologies offered by the market and the world’s leading software
providers dealing with Network Access Control, Spider Networks selected these products as
leading solutions in the NAC field:
– Identity Services Engine (ISE) by Cisco
– Pulse Policy Secure (PPS) by Pulse Secure. (Forscout?)
Implementation
A System Architect and a System Engineer provided by Spider Networking will define,
configure and implement a suitable solution while being fully coordinated with the client.
Service
Spider Networking is employing specialists holding years of experience operating and
managing complex and advanced communication and security products. They go through
periodic training provided by the biggest hardware and software companies, our business
partners.
Support
We are providing our customers with a 24/7 service center staffed by Spider Networking’s
engineers.