Network Access Control + Role-based LAN Segmentation
Guests, contractors, vendors, technicians, devices, students, patients – they all need different levels of network access, but existing tools for segmenting the LAN are cumbersome, leave security holes, and can’t scale to meet the increased diversity of user types.
ConSentry’s self-contained, wire-speed platform makes it easy for you to deploy network access control and role-based LAN segmentation. In a single device, you gain full control over who can access your network and what resources various users can reach.
Network Access Control
ConSentry provides the full set of network access control functions, including authenticating users, scanning their machines for endpoint compliance, limiting the applications and servers users can reach, tracking all user activity, and detecting anomalous machine or user behavior. With these functions, you can ensure the IBM contractors can reach only the IBM servers, no matter how or where they log onto your LAN, and only the manufacturing engineers can program the robots.
This full complement of capabilities are all embedded in a single platform – either an appliance that sits behind your existing wiring closet switches or a gigabit Ethernet intelligent switch for the wiring closet. So deployment is simple, and the policies apply throughout your network.
Role-based LAN Segmentation
Enterprises have struggled for years with how to segment the LAN. Originally designed to limit broadcast storms, virtual LANs (VLANs) have long been pressed into service as a means for controlling which users could reach which resources.
The problem is that existing VLAN and access control list (ACL) tools are too blunt, too manual, and too simplistic to meet today’s segmentation challenges. The diversity of user and machine types, the need to differentiate applications – such as peer to peer – beyond their L4 port, and the need for greater flexibility in categorizing users have outpaced the capabilities of these Layer 3/Layer 4 tools.
Today, you need a way to very simply keep traffic from your contractors, employees, non-user devices, and guests all separate – and you simply can’t keep up using VLANs and ACLs.
The ConSentry Alternative
ConSentry makes it much easier. You leverage the information in your existing identity stores, and the ConSentry platform dynamically applies policies to segment users and control access to resources on your LAN.
We call it Intelligent Switching.
You’ll call it Problem Solved.
» Are you living the VLAN and ACL nightmare?
|
»
