Secure IP Address Management Layer 2 Network Access Control Solution

Similar documents
Cisco NAC Network Module for Integrated Services Routers

Cisco Network Admission Control (NAC) Solution

Networks with Cisco NAC Appliance primarily benefit from:

PrepAwayExam. High-efficient Exam Materials are the best high pass-rate Exam Dumps

Wireless LAN Solutions

Symantec Network Access Control Starter Edition

QuickSpecs. HP enterprise access point WL520. Overview

Securing the Empowered Branch with Cisco Network Admission Control. September 2007

HP ProCurve Network Access Controller 800

Enterprise-class Wireless LAN Controller supporting more than 1000 APs

Campus Manager. Out-of-Band Network Access Control for Wired, Wireless and VPN Networks. DataSheet

Questions to Add to Your Network Access Control Request for Proposal

Symantec Network Access Control Starter Edition

Gigabit SSL VPN Security Router

Symantec Network Access Control Starter Edition

Enterprise Guest Access

Cisco Data Center Network Manager 5.1

ForeScout Extended Module for MaaS360

ForeScout CounterACT. Automated Security Control Platform. Network Access Control Mobile Security Endpoint Compliance Threat Prevention

Huawei Agile Controller. Agile Controller

ForeScout CounterACT. Continuous Monitoring and Mitigation. Real-time Visibility. Network Access Control. Endpoint Compliance.

Cisco WAP131 Wireless-N Dual Radio Access Point with PoE

ScreenBeam Wireless display over LAN

NEC Express5800/ft series

Cisco WAP351 Wireless-N Dual Radio Access Point with 5-Port Switch

NETWORK ACCESS CONTROL OVERVIEW. CONVENIENCE. SECURITY.

The Neutron Series Distributed Network Management Solution

Securing Wireless Networks by By Joe Klemencic Mon. Apr

Reviewer s guide. PureMessage for Windows/Exchange Product tour

Aruba Instant in AirWave 7.7

Product features. Applications

BW1330. High Performance Hotspot Access Point. Browan Communications. 6 August 2007 Version 1.0

WE SEE YOUR VOICE. SecureLogix We See Your Voice

CounterACT 7.0 Single CounterACT Appliance

Cisco Exam Questions & Answers

Interoperability guide Phoenix Contact WLAN clients with Cisco Wireless LAN Controllers (WLC) Published:

ForeScout CounterACT. Single CounterACT Appliance. Quick Installation Guide. Version 8.0

Seqrite Endpoint Security

Portnox CORE. On-Premise. Technology Introduction AT A GLANCE. Solution Overview

Cisco Identity Services Engine

USP Network Authentication System & MobileIron. Good for mobile security solutions

ForeScout Extended Module for VMware AirWatch MDM

Simplifying your 802.1X deployment

ForeScout Extended Module for MobileIron

Cisco EtherSwitch 4- and 9-Port High-Speed WAN Interface Cards Datasheet

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

CounterACT 7.0. Quick Installation Guide for a Single Virtual CounterACT Appliance

SOLO NETWORK (11) (21) (31) (41) (48) (51) (61)

ExtremeWireless WiNG NX 9500

Cisco Meraki Wireless Solution Comparison

DIGITAL VIDEO RECORDER

TrustNet Manager Group Encryption Management for Policies, Keys and Devices

NX 9500 INTEGRATED SERVICES PLATFORM SERIES FOR THE PRIVATE CLOUD

NEXT GENERATION SOLUTION FOR NETWORK ACCESS MANAGEMNT & CONTROL

Forescout. Quick Installation Guide. Single Appliance. Version 8.1

WMS WLAN Management Solution

Provide One Year Free Update!

Cisco WAP371 Wireless-AC/N Dual Radio Access Point with Single Point Setup

MANUAL NWAC7000. Wireless Management Platform

Deployment Guide. Best Practices for CounterACT Deployment: Guest Management

Meraki Z-Series Cloud Managed Teleworker Gateway

Configuring NAC Out-of-Band Integration

Klaudia Bakšová System Engineer Cisco Systems. Cisco Clean Access

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

Data Leak Prevention

Amigopod Release Notes. Updating to Amigopod Document Overview. Overview of the Update Process. Verify the System s Memory Limit

Deploy a Customer Site

Forescout. eyeextend for VMware AirWatch. Configuration Guide. Version 1.9

Exam: : VPN/Security. Ver :

EWS1200 Series EWS T, EWS T, EWS1200D-10T. > Manage and monitor up to 50 wireless APs. > IEEE802.3ad Link Aggregation > STP/RSTP/MSTP

Quick Install & Troubleshooting Guide. WAP223NC Cloud Managed Wireless N Access Point

NAC Director. Out-of-Band Network Access Control for Wired, Wireless and VPN Networks. DataSheet

Implementation of NAC at ORNL

70-414: Implementing an Advanced Server Infrastructure Course 01 - Creating the Virtualization Infrastructure

PATCH MANAGER AUTOMATED PATCHING OF MICROSOFT SERVERS AND 3RD-PARTY APPS

Cisco MCS 7845-H1 Unified CallManager Appliance

UA-5200 IIoT Communication Server

Novell ZENworks Network Access Control

Business Wi-Fi Solution. MODELS: AC500,AC50,CAP1750,CAP300, CAP300-outdoor

OWL630 OUTDOOR ACCESS POINT

DS Series Solutions Integrated Solutions for Secure, Centralized Data Center Management

BW1330. High Performance Hotspot Access Point

New Product: Cisco Catalyst 2950 Series Fast Ethernet Desktop Switches

DA-682A-DPP Series Quick Installation Guide

JetNet 5428Gv2. Features. Industrial 24FE+4G Gigabit Managed Ethernet Switch INDUSTRIAL ETHERNET RACKMOUNT SWITCH

Data Leak Prevention

security FRAUD PREVENTION Business Checklist Safeguard your money, your credit and your good name.

REMOTE IT MANAGEMENT SOLUTIONS: MANAGE REMOTE OFFICES WITHOUT LEAVING YOURS

ACCP-V6.2Q&As. Aruba Certified Clearpass Professional v6.2. Pass Aruba ACCP-V6.2 Exam with 100% Guarantee

BYOD: BRING YOUR OWN DEVICE.

Datasheet. Enterprise Gateway Router with Gigabit Ethernet. Models: USG, USG-PRO-4. Advanced Security, Monitoring, and Management

CONVERGENCE 32XX Series PDH / Ethernet Convergent System

MR Cloud Managed Wireless Access Points

ForeScout CounterACT Pervasive Network Security Platform Network Access Control Mobile Security Endpoint Compliance Threat Management

Submitted on behalf of the DOE National SCADA Test Bed. Jeff Dagle, PE Pacific Northwest National Laboratory (509)

The Hub of Your Connected World Smart Enterprise Wi-Fi

DATA SHEET MODEL AXC1000 HIGHLIGHTS OVERVIEW. Redefining Enterprise Wireless Management

Deployment Guide. Wireless Display over LAN. Version 1.0

Lasso CDP. Lasso. Administration Tool Guide. August 2005, Version Lasso CDP Administration Tool Guide Page 1 of All Rights Reserved.

AC1200 Gigabit Dual-Band Access Point with USB Port

Transcription:

Secure IP Address Management Layer 2 Network Access Control Solution

Layer 2 Network Access Control Solution Benefits Why IPScan XE for Your IP Management? Benefits IPScan XE is a high-performance solution (a must-have for the network administrator who wants to manage endpoint communications) and an agentless network access control solution that provides network administrators with essential tools, including IP address management. Increases security against internal network breaches Prevents costly downtime associated with IP address conflicts Enhances regulatory and best practices compliance Streamlined IT and network engineering operations Effective centralized management Dedicated probe for large scale distributed networks Secured stability with enhanced network control Reinforced security against unauthorized IP/MAC control Real-time notifications and reporting Easy deployment & operation Lowers total cost of ownership Case Studies With IPScan XE, we could manage our resources more efficiently with less effort, less time and less expense Samsung Challenges Unable to control external and/or internal guests accessing the network under DHCP environment. Needs to protect automated factory devices which use fixed IP addresses. IP duplications on any of the factory devices will lead to the factory downtime (unable to calculate the loss!). Why IPScan? Extensive reference sites which prove its stability and technology. Does require neither network reconfiguration nor agent installation (transparent deployment). After Deployment Effectively controls external and/or internal guests by pre-assigning network access period (increased network security). Protects IP addresses of factory devices to minimize the factory downtime caused by IP duplications. After the initial deployment, they have integrated with HR resource database to control ex-employees accessing the network to steal company confidential information. Defined, deployed, and settled and strict network access policies applied to internal employees increases work efficiency for IT managers. LG Challenges Problems with video conference system between HQ and regional offices due on IP management. Needs to analyze IT resource status in each branch office (relied on branch manager s report). Security issues in a number of branch offices with wireless LAN. Security issues on unknown and/or unauthorized devices accessing the network. Why IPScan? Prompt technical support and knowledge on deploying and designing network access policies. After Deployment Prevents IP duplication on video conferencing devices ensuring the system uptime. Increases security under WLAN allowing only the authorized devices. Creates accurate IT resource inventory system (e.g. number of PC, network and system devices, printers and etc.) for each branch office to find out the current status, based on which, IT device purchase decision and expansion plan were made.

Layer 2 Network Access Control Solution Solution Overview IPScan XE Agentless network access control with secure IPScan is an IP/MAC resource management and network security solution that enables IT managers to automate the IP/MAC resource management process. IPScan controls network access of any device that uses IP addresses. Utilizing a powerful blocking technology, IPScan ensures that unknown and unauthorized IP/MAC addresses are prevented from accessing the network. By deploying IPScan into your network, you can centrally manage distributed IP/MAC address resources more safely, effectively and efficiently. IPScan provides IP-enabled organizations with valuable security, availability, compliance and operational efficiency benefits & ROI. If You have these kind of issues, we can make it better IP Address Management Manually update daily changed IP allocation or online status. Difficult to manage real-time online IP/MAC status. Unable to prevent IP duplication in real-time. Unable to control unauthorized IP/MAC in use. DHCP IP Management IP allocation failure in rush hour. High cost for HA or/and relay server. Monitoring only DHCP IP pool. Unable to manage static IP range. Unable to manage the IPs of server or network devices. Unknown allocates unauthorized DHCP IPs. Network Access Control Difficulty of implementing. Installing PC agent program. IP-phone, etc. High deployment cost. Changing network devices. Unable to control non-supported O/S such as network printer, Not easy to control non 802.1x devices. Everywhere

IPAM + Agentless NAC + IPScan XE is an agentless network access control solution that provides network administrators with essential tools manage IP/MAC devices IPAM Agentless NAC Agentless & out of band Non 802.1x based Real-time layer 2 IP/MAC control Unauthorized device blocking Time-based usage control User identification management by IP/MAC Switch port control & management Authorized pool management for internal users Unauthorized pool management for external & temporary users Fixed DHCP IP allocation Access time control for temporary users Auto blocking Static IP in DHCP IP range Static IP device control IP conflict protection IP changing protection Unused IP blocking Time-based IP usage control Network Diagram IPScan with 3rd Party Easy implementation for the current environment with visitor control Static IP area New MAC Blocking Static IP protection Unused IP address blocking IP-MAC binding IPScan Probe DHCP Request DHCP Request DHCP Request DHCP Request Blocking New MAC Registered DHCP client Built-in Secure Need to replace the existing, but, it provides more managed and secured DHCP environment Mission critical IP protection (IP conflict protection) Unused IP address blocking IP-MAC binding, etc. Built-In Static IP area IPScan Probe DHCP DHCP DHCP Registered DHCP client Authorized DHCP Pool Blocking DHCP Instant New MAC Blocking New DHCP client or Temp IP Allocation Unauthorized DHCP Pool

IPScan XE Features Dynamic IP management (secure ) - Quarantine unauthorized DHCP client - Network access time control for visitor - MAC address filtering for access security - Static IP address control in DHCP pool - Unknown detection Secure IP/MAC management Static IP address management - Real-time IP/MAC status update for entire network: online/offline/ unused/expired, IP change, new IP, new MAC, IP conflict, etc. - Unused IP reservation - IP-MAC binding - Group & description LAN access control & L2 security - Appliance based NAC policy enforcer (non 802.1X) - Improve vulnerability management process - L2 Security : controlling access by MAC address filtering - Manual / automatic network access control : IP blocking / MAC blocking - Increase wireless network access security (AP bridge mode) IP conflict management - IP protection on mission critical devices Automatic IP/MAC inventory - Online, offline, unused IP/MAC address Protection from IP Conflicts Access Network IP : 192.168.100.10 Factory Line IP Device IP : 192.168.100.11 Internet Banking Server IP : 192.168.100.12 Network IP Device Protection Protection Protection Blocking Blocking Blocking Access Access Network Network IP : 192.168.100.10 IP : 192.168.100.11 IP : 192.168.100.12 Attempt to access to the network IPScan XE Major Functions Easy implementation No need to apply PC based agent program No need of network upgrade (802.1x) Easy control of user interface. Supports 802. 1q to manage multi-vlan environment. Layer 2 access control solution Controls devices regardless of operating system. Agentless control solution. Controls network devices (Switch, Router, IPT, etc.). Providing advanced features Embedded DHCP function Controls entire IP devices regardless of IP management environment. Real-time management Real-time IP/MAC inventory status. Real-time alarming events. Real-time blocking and authentication. Real-time IP conflict monitoring.

Solution Review Layer 2 Network Access Control Solution IPScan XE IPScan is deployed by hundreds of large enterprises, service providers, governments and military agencies and educational institutions. IPScan consists of four components: (1) administrative console software, (2) centralized server, (3) database, and (4) distributed hardware; probes. IPScan is the only solution that provides complete control over all IP/MAC access onto the network. IPScan automatically detects and documents every ethernet and IP address that attempts the network access, and enforces centrally defined policies in real-time, with the ability to block unauthorized devices from communicating on the network. IPScan helps secure networks against internal breaches, prevents inadvertent network disruptions from address conflicts, mitigates the risks of non-compliance with regulatory requirements for securing and controlling customer, corporate financial and gaming operation information, and increases IT's operational efficiency in delivering information service. IPScan Components 1. IPScan Console Installed on the IT manager's PC, it connects to the IPScan Server to view, monitor and define IP/MAC policies. 2. IPScan Server Installed in the main data center, it communicates with probes to receive and store collected data and forwards the IP policies defined by IT manager. It supports MS-SQL 2000~2012 Server, Oracle and MySQL 3. IPScan Database Collected data and policies are stored in the RDBMS. MS-SQL 2000 ~ 2012 Server, Oracle and MySQL Server are compatible. DB Server and IPScan Server can be installed in the same hardware platform if there are fewer than 5,000 active IP's. For more than 5,000 active IP networks, a separate hardware platform is required for each. 4. IPScan Probe A software-technology-embedded hardware probe designed to control small to large size network. Implements the policies defined by the IPScan Console Supports 802.1q to manage multiple VLANs from a single device. Built-in (Probe 50, 100A, 200, 600R, 1000R) Solution Advantages Technical Advantage LAN access security: Non-802.1X based. Agentless. No port mirroring required, Out of band control less cost, less complexity, easy operation Unique static IP address management : IP-MAC binding, unused IP blocking, IP change control IPAM with IP control, IP protection Secure : Non-DHCP client detection and blocking. Static & DHCP mixed environment management. Unauthorized DHCP client management Advanced with non-dhcp client control ARP based real-time monitoring and control: Easy-to-deploy IP/MAC monitoring/control for any Layer 2 environment (Just connect to any switch/hub port) Vendor independent, device independent (Unmanaged switch, managed switch, HUB, AP, PC with PC Firewall) Multi-VLAN environment supported (Using 802.1Q) High capacity: HA support, 100,000 devices control in a Server Securing More with Less Simple & Cost Effective

Specification Layer 2 Network Access Control Solution IPScan XE IPScan Probe 50 IPScan Probe 200 RMI AU 1550 MIPS Core(333MHz) 64M DDR RAM 2Mbyte NOR 1GBbyte NAND Ethernet 10/100Mbps, (RJ-45 ) 1Port. RS-232 Console 1Port. 118(W)x30(H)x118(D) 440g 5W IPScan Probe 100A IPScan Probe 600R RMI AU 1550 MIPS Core(333MHz) 64M DDR RAM 2Mbyte NOR 1GBbyte NAND Ethernet 10/100Mbps, (RJ-45 ) 1Port. RS-232 Console 1Port. 200mm(W) X 44mm(H) X 196mm(D) 1.3Kg 6W RMI AU1550 MIPS Core (500MHz) 128MB DDR RAM 2Mbyte NOR 1GBbyte NAND Ethernet 10/100Mbps, (RJ-45 ) 2Port. RS-232 Console 1Port. 200mm(W) X 44mm(H) X 196mm(D) 1.3Kg 6W Intel Celeron 2GHz 1GB DDR2 RAM 2GBbyte CF Module Ethernet 10/100Mbps, (RJ-45 ) 6Port. RS-232 Console 1Port. 430mm(W)x44mm(H)x285mm(D) 4.4Kg 68W IPScan Probe 1000R Intel Dual Core 1.8GHz 1GB DDR3 RAM 2GBbyte CF Module Fibre-optic SFP module 2 slots RJ-45 10/100/1000 Base TX 6ports RJ-45 Console 1Port (RS-232 converter included) 430mm(W)x44mm(H)x385mm(D) 5.6Kg 74W

ViaScope International Inc. 3rd Floor Hwangjae Bldg., 20, Songpa-dong, Songpa-gu, Seoul 138-170, Korea Tel. 82-2-3412-9700 Fax. 82-2-3412-9800 www.viascope.com E-mail: oversea@viascope.com

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback