|
|
|
Identity Management
|
Feature
|
Description
|
Benefit
|
| Device registration |
Each device is forced to register prior
to accessing the live network |
Maintain a comprehensive view of devices
connected to the network at all times |
| Standards-based authentication |
Support for standards such as 802.1X, LDAP, RADIUS
for authentication, and user validation |
Leverages existing authentication infrastructure and
widely deployed technologies to quickly authenticate
users |
| 7-point identity profile |
Identify via user name; user role; device name; MAC
address; IP address; network access point; time |
Enables precise identity definitions for granular
policy assignment |
| "Get Out/Stay Out" control |
Quickly locate and disable any user or device starting
with a suspect IP address |
Get suspicious users off the network immediately and
prevent them from reconnecting until vetted |
| Dynamic VLAN assignment |
Users are directed to the appropriate VLAN based on
user, device, location, time-of-day, etc. |
Ensures each user is able to access appropriate resources
based on pre-defined business rules |
| Comprehensive role assignment |
Assign all users to distinct groups with specific
policies |
Enforce policies by group, rather than individual
user, streamlining policy enforcement process |
| Port-level role assignment |
User roles can be mapped to individual network access
ports |
High degree of granularity in assigning role-based
policies |
Endpoint Compliance
|
Feature
|
Description
|
Benefit
|
| Persistent and dissolvable agents |
Lightweight client software to assess
employee and guest device posture |
Ensure latest OS patches, hotfixes, AV
definitions, required software are installed and running
regardless of endpoint ownership |
| Pre- and post-admission endpoint analysis |
Continuous endpoint posture analysis |
Compliant machines remain compliant throughout the
network session |
| Self-remediation |
Guide users with non-compliant devices to download
needed anti-virus, anti-spyware, OS patches, etc. |
Empower users to update their own systems, reducing
helpdesk intervention |
| NESSUS scanning |
Network-based device vulnerability scanner |
Assess initial and on-going device compliance in non-agent
environments |
Usage Policy Enforcement
|
Feature
|
Description
|
Benefit
|
| Broad list of defined acceptable use policies |
Ability to define any number of acceptable
use policies |
Quickly implement company-specific security
policies |
| Four simultaneous user and device isolation mechanisms |
802.1X, MAC-based RADIUS authentication, DHCP and
VLAN steering via SNMP/CLI |
Consistent user and device isolation capabilities
for multi-vendor environments |
| Alarm and trap triggers |
Taking automatic policy-based action upon alarm receipt |
Automates manual processes to stop unauthorized activity
at the network access point |
| Integration with deep packet inspection solutions |
Action mechanism for violations triggered by deep
packet inspection solutions |
Enforce policy to the edge; identify and disable unauthorized
activities before they enter the network |
| Phased policy activation |
Allows roll-out by port, device or location |
Enables phased, logical deployment of the solution
to minimize business disruptions |
Management & Operations
|
Feature
|
Description
|
Benefit
|
| Intuitive management interface |
Powerful web-based system management homepage |
Drives operational efficiencies, quick
troubleshooting capabilities |
| Consistent registration, authentication, and remediation
functionality |
Common registration, authentication, and remediation
capabilities across wired, wireless and VPN connections |
Consistent user experience with the same look and
feel regardless of access method reduces support load |
| Remote registration and policy enforcement |
Allows users to register and verify devices before
arriving on-site |
Saves time for users and administrators |
| Standard reports |
Set of standard, out-of-the-box report formats |
Allows on-demand reporting for standard network performance
metrics |
| Standard SQL logs |
Standards-based database infrastructure for data import/export |
Ability to quickly generate reports to document regulatory
compliance, perform trend analysis, etc. |
| Customizable reports |
Sort data by deleted parameters, including time-of-day,
user, location, etc. |
Generate custom reports on-demand |
|
|
|
|
