Security and Control for all Devices on the Access Network

Similar documents
Security and Control for all Devices on the Access Network

HiveManager Local Cloud

ARUBA CLEARPASS POLICY MANAGER

TITLE GOES HERE RUCKUS CLOUDPATH ENROLLMENT SYSTEM. The only integrated security and policy management platform that delivers: COMPRISED OF:

ARUBA CLEARPASS POLICY MANAGER

Secure wired and wireless networks with smart access control

Cisco Network Admission Control (NAC) Solution

HiveManager Public Cloud

ENTERPRISE NETWORKS WLAN Guest Management Software

Cisco ISE Features Cisco ISE Features

ClearPass Ecosystem. Tomas Muliuolis HPE Aruba Baltics lead

Pulse Policy Secure X Network Access Control (NAC) White Paper

QuickSpecs. Aruba ClearPass Policy Manager Platform. Overview. Aruba ClearPass Policy Manager Platform The most advanced Secure NAC platform available

Cisco Identity Services Engine

ARUBA CLEARPASS POLICY MANAGER

Bring Your Own Design: Implementing BYOD Without Going Broke or Crazy. Jeanette Lee Sr. Technical Marketing Engineer Ruckus Wireless

Cisco Exam Implementing Advanced Cisco Unified Wireless Security v2.0 Version: 9.0 [ Total Questions: 206 ]

ACCP-V6.2Q&As. Aruba Certified Clearpass Professional v6.2. Pass Aruba ACCP-V6.2 Exam with 100% Guarantee

Cisco ISE Features. Cisco Identity Services Engine Administrator Guide, Release 1.4 1

Provide One Year Free Update!

A. Post-Onboarding. the device wit be assigned the BYOQ-Provision firewall role in me Aruba Controller.

RUCKUS CLOUD WI-FI Cloud Managed Wi-Fi

Alcatel-Lucent OmniVista 2500 Network Management System

Enterprise Guest Access

ClearPass Policy Manager

COPYRIGHTED MATERIAL. Contents

Visibility, control and response

SUB-TITLE WLAN Management-as-a-Service

2012 Cisco and/or its affiliates. All rights reserved. 1

Network Access Control (NAC)

Encapto WiFi OVERVIEW

New Windows build with WLAN access

With Aruba Central, you get anywhere-anytime access to ensure that your network is up and performing efficiently.

BYOD: BRING YOUR OWN DEVICE.

Secure IT consumeration (BYOD), users will like you How to make secure access for smart mobile devices

Secure Access - Update

Aerohive and IntelliGO End-to-End Security for devices on your network

ClearPass Policy Manager

Alcatel-Lucent OmniVista Cirrus Simple, secure cloud-based network management as a service

Pulse Policy Secure. Supported Platforms Guide. PPS 9.0R3 Build For more information, go to

Huawei Agile Controller-Campus Datasheet

HP IMC Smart Connect Virtual Appliance Software

Your wireless network

Question: 1 The NAC Agent uses which port and protocol to send discovery packets to an ISE Policy Service Node?

ClearPass and MaaS360 Integration Guide. MaaS360. Integration Guide. ClearPass. ClearPass and MaaS360 - Integration Guide 1

Integrating Meraki Networks with

BYOD: Management and Control for the Use and Provisioning of Mobile Devices

Networks with Cisco NAC Appliance primarily benefit from:

Comodo Certificate Manager

Alcatel-Lucent OmniVista Cirrus Simple, secure cloud-based network management as a service

Exam HP2-Z33 HP Unified Wired-Wireless Networks and BYOD Version: 6.2 [ Total Questions: 65 ]

QuickSpecs. Aruba ClearPass OnGuard Software. Overview. Product overview. Key Features

QuickSpecs. Aruba ClearPass Guest Software. Overview. Aruba ClearPass Guest Software A ClearPass Policy Manager Application.

Wireless Integration Overview

IBM Internet Security Systems Proventia Management SiteProtector

MR Cloud Managed Wireless Access Points

ONE POLICY. Tengku Shahrizam, CCIE Asia Borderless Network Security 20 th June 2013

Cisco Exam Questions & Answers

ClearPass Getting Started Guide

Intelligent Edge Protection

Systems Manager Cloud-Based Enterprise Mobility Management

Conquering today s bring-your-own-device challenges. A framework for successful BYOD initiatives

Cisco ISE Ports Reference

ClearPass Design Scenarios

ClearPass Deployment Guide

CLEARPASS GUEST. A ClearPass Policy Manager Application DATA SHEET KEY FEATURES THE CLEARPASS ADVANTAGES

What s New in ZoneFlex Software Release 9.4

Cisco ISE Ports Reference

802.1x Port Based Authentication

Cisco Secure Access Control

Support Device Access

Cisco ISE Ports Reference

Cisco ISE Ports Reference

P ART 3. Configuring the Infrastructure

The Neutron Series Distributed Network Management Solution

Identity Based Network Access

ClearPass QuickConnect 2.0

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

ClearPass Deployment Guide

NETWORK SENTRY KNOWN ANOMALIES. Network Sentry /8.2.9 Agent Analytics Rev: G 9/26/2018

RADIUS Configuration Note WINS : Wireless Interoperability & Network Solutions

UCOPIA EXPRESS SOLUTION

Support Device Access

The only authentication platform you ll

Guest Access User Interface Reference

WiNOC Hotspot Operations Support System Features and Benefits

Vendor: Cisco. Exam Code: Exam Name: Implementing Advanced Cisco Unified Wireless Security (IAUWS) v2.0. Version: Demo

The Context Aware Network A Holistic Approach to BYOD

Cisco Meraki Wireless Solution Comparison

ForeScout Extended Module for VMware AirWatch MDM

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

AEROHIVE CONNECT VS. SELECT

ClearPass NAC and Posture Assessment for Campus Networks

What Is Wireless Setup

Security Automation. Challenge: Automatizzare le azioni di isolamento e contenimento delle minacce rilevate tramite soluzioni di malware analysis

MR Cloud Managed Wireless Access Points

2011 Cisco and/or its affiliates. All rights reserved. Cisco Public 1

UCOPIA ADVANCE SOLUTION

Symbols. Numerics I N D E X

The only authentication platform you ll COVER. ever need.

Transcription:

Security and Control for all Devices on the Access Network

DATASHEET Aerohive A3 Aerohive A3 Aerohive A3 is an innovative solution for securing, managing and controlling all devices on your Access Network from standard wireless and wired clients to IoT and BYOD. A3 provides a complete set of functionalities for device onboarding, guest management, automated device provisioning, device profiling and network access control. With its streamlined workflows and intuitive user interface, A3 greatly reduces the operational complexity and cost typically associated with incumbent offerings. It can be deployed on all major vendors access networks. Key Features & Benefits Supports all devices and users on the access network A3 secures standard wireless and wired corporate clients, BYOD, IoT and guest devices alike. It also supports the creationand administration of granular network access rights (e.g. by access to applications, time of day, location on the network) depending on the user s role. Seamless integration with existing IT security infrastructure Customers can directly integrate A3 with the market leading firewalls, MDM and endpoint security systems, Intrusion Detection Systems (IDS) and Posture Assessment solutions they already have installed and continue to leverage their existing security investment. Complete onboarding for guest and corporate devices A3 includes a highly customizable captive web portal (CWP) that supports self-service onboarding for visitor devices, while a comprehensive management interface and automated device provisioning of 802.1X certificates enables onboarding of corporate devices. Unparalleled deployment flexibility A3 supports on-premises deployments, based on a Virtual Appliance (VA), with a choice of standard or clustered High-Availability configurations. As of Q4 2018, A3 also offers a cloud-based solution, and a hybrid deployment model. Comprehensive authentication toolset For authentication of corporate devices, A3 supports 802.1X certificates with its built-in RADIUS server. Where certificates are not practical, A3 provides alternative authentication methods like Private Shared Keys (PSK), and Aerohive s Private Pre-Shared Keys (PPSK, coming in Q3 2018) that offer strong, unique keys without the complexity of 802.1X certificates. Network Access Control (NAC) A3 provides complete functionality for Network Access Control that ensures authorized devices stay secure over time. Features include device scanning for security compliance, quarantining of non-compliant devices to prevent network access, and guided self-remediation to reduce IT helpdesk calls. Device fingerprinting and profiling A3 includes the largest available device fingerprint database, that is constantly updated. Device fingerprinting is the most comprehensive method for identifying a device type (e.g. laptop vs. smartphone vs. HVAC sensor) automatically when a device requests network access. A3 then leverages this information to grant appropriate network access rights to each device based on its category. This includes IoT, which are otherwise very hard to identify and secure effectively, much less in an automated fashion. Supports access networks from all leading vendors Access networks typically include wired and wireless infrastructure components from multiple vendors. A3 supports WLAN equipment and switches from all leading vendors, including Aerohive, which provides an added level of deployment flexibility. Security for the Internet of Things (IoT) Connected devices like thermostats and lighting systems in the IoT context present a unique set of challenges for IT security. A3 is uniquely equipped to onboard, secure and control Things, with user-friendly bulk on-boarding, built-in device profiling and Aerohive s unique Private Pre-Shared Keys (PPSK, coming in Q3 2018). 2

Product Screenshots Intuitive graphical dashboard Services overview and administration Configuration of external authentication sources Extensive reporting capabilities 3

Product Specifications Management Features Authentication Role-based Access Control (RBAC) Per User Per Switch Per VLAN Per Client Per Client Category Per Device Type Per Time Per Location EAP Protocols EAP-FAST, PEAP, EAP-TTLS, EAP-TLS, PAP, CHAP, MSCHAPv1 and 2, EAP-MD5 802.1X Support RADIUS to AD/LDAP server support for 802.1X authentication 802.1X (PEAP) or Certificate (TLS) BYOD automated onboarding User Authentication Portal (AD/LDAP) PKI with EAP EAP-TLS, EAP-TTLS, EAP-LEAP, EAP-PEAPv0, EAP-PEAPv1, EAP-MSCHAPv2 Object based configuration management Define roles, domains, authentication sources, switches and WLANs, and connection profiles easily Automated checkup and fix permissions tasks Accounting based on several criteria Node, switch groups, user, role, OS, source, realm, SSID, profile and domain Violations, failures, successes, registration type and state Guest, BYOD and IoT Management Customizable Captive Web Portal (CWP) Wireless ISP Roaming (WISPR), Eduroam and Hotspot 2.0 Supports billable hotspots Billing and service tiers Payment processing through Paypal, Mirapay, Authorize.net, Stripe Guest Access Self Registration With or without credentials Self- registration with Social login User device registration Employee sponsorship Email Validation Authentication Types LDAP Microsoft Active Directory Novell edirectory OpenLDAP Any LDAP-compliant servers RADIUS Cisco ACS RADIUS (FreeRADIUS, Radiator, etc.) Microsoft NPS Any RADIUS-compliant servers Local user file (Apache htpasswd format) OAuth2 Facebook Google GitHub LinkedIn Microsoft Live Twitter SAML Additional built-in SQL DB for User store for deployments without LDAP PPSK (Q3) Secure Provisioning Provisioning agents Android Windows API for all Apple devices SMS Validation Password-of-the-day Device profile or device fingerprint based onboarding Aerohive Private Pre-Shared Key (Q3) 4

Product Specifications Network Access Control Integration Capability with Complementary Security Infrastructure Realtime security policy assessment (posture assessment) & notification for multiple OS Gradual Deployment Pre-registration Per location/switch/port deployments Automated Device Registration By network device By device fingerprinting By MAC address vendor Integration w/ 3rd party systems for registration Snort, Nessus, OpenVAS, Browser User-Agent and more VLAN isolation and quarantining (See supported switches below) A3 supports direct integration with these 3rd party IT security solutions: Intrusion Detection (IDS): OPSWAT Meta defender Snort Suricata Fortigate TrendMicro Vulnerability / Posture Assessment Nessus OpenVAS Windows Management Interface TNC Statement of Health protocol Netflow / IPFIX Bandwidth accounting Floating device support Switches and APs Profiling Functionality Profiling of devices/ IoT device recognition Group based policies for network devices Device visibility and identification Device Fingerprinting World s largest device fingerprinting database DHCP v4 & v6 User Agent MAC address Patterns OUI TCP fingerprints Behavioral analysis Endpoint Security OPSWAT Meta defender Agent Symantec SEPM Sentinel One Mobile Device Management (MDM) Mobile Iron JAMF AirWatch (Q2) IBM MAAS 360 (Q3), Microsoft intune (Q3) Firewalls Barracuda Checkpoint Cisco Fortinet Fortigate iboss PaloAlto Networks Watchguard Sonicwall (Q2) Microsoft PKI Simple Certificate Exchange Protocol (SCEP) Network Device Enrollment Service (NDES) 5

Product Specifications Deployment Flexibility Hardware Requirements Simplified Deployment Out of band deployment Hybrid out of band Virtual Appliance Support Deployed as VA VMWare ESXi 4.0 and above High Availability Active/Active Clustering Supports deployments of millions of devices Supported deployment models: Virtual Appliance (VA) Cloud-based deployment (Q4) Supports WLAN Infrastructure from the following vendors: Aerohive, Aruba Networks, AnyFi, Avaya, BelAir, Brocade, Cisco, D-Link, Dell, Extreme Networks, Enterasys, Extracom, Hewlett-Packard, Huawei, Juniper, Meraki, Meru Networks, MicroTik, Mojo Networks, Motorola/Zebra, Ruckus Wireless, and Xirrus Networks Supports network switches from all leading vendors: Aerohive, Alcatel-Lucent, Avaya, Brocade, Cisco, Dell, D-Link, HP, Huawei, Juniper, Linksys, Ubiquiti, and more Minimum System requirements Intel or AMD CPU 3 GHz or better 16 GB of RAM or more 100 GB of disk space (RAID-1 recommended) 1 network card (2 recommended) High Performance Active Clustering Minimum recommended cluster is 3 hosts for HA, load balancing and failover Significantly increases capacity and throughput Contact your Aerohive partner or representative for configuration assistance Professional Services Optional professional services are available through local Aerohive partners. VoIP support, also in heterogenous environments, for multiple switch vendors Avaya, Cisco, HP and more 6

Product SKUs AEROHIVE A3 - SKUs SKU DESCRIPTION AH-A3-VA Software license for A3 Virtual Appliance (VA). Required with A3 subscription. AH-A3-HA High Availability software license for 2 additional VA for cluster configuration; optional for all deployments. AH-A3-1K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 1,000 concurrent clients/endpoints. Includes support. AH-A3-5K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 5,000 concurrent clients/endpoints. Includes support. AH-A3-10K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 10,000 concurrent clients/endpoints. Includes support. AH-A3-25K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 25,000 concurrent clients/endpoints. Includes support. AH-A3-50K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 50,000 concurrent clients/endpoints. Includes support. AH-A3-75K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 75,000 concurrent clients/endpoints. Includes support. AH-A3-100K-SL-1Y/3Y/5Y 1/3/5 Year subscription for 100,000 (and more) concurrent clients/endpoints. Includes support. 2018 Aerohive Networks. All Rights Reserved. 7

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback