Identity-Based Control from ConSentry Networks


		HOME \| EN GARDE BLOG \| HOW TO BUY \| EXTRANET LOGIN \|

Overview

LANShield Switches

LANShield Controllers

ConSentry InSight

ConSentry Posture Check

LANShield OS

LANShield Technology

Intelligent Switching

Analyst and Media Quotes

Press Kit

Awards and Reviews

Support Services

Training and Certification

Product Registration

Technical Assistance Center



	Overview

	Key Features Network Admission Control Visibility Identity-based Control Threat Control

	LANShield Controller

	LANShield Switches

	ConSentry InSight

	ConSentry Posture Check

	LANShield OS

	LANShield Architecture



Stay informed. Sign up to receive the “Intelligent Switching Informer.”




	Identity-based Control Properly implemented, identity-based control can be a powerful tool, giving IT a rich and flexible way to define and enforce role-based network access control. As a baseline, an identity-based control system must be able to: Tie all LAN activity back to specific users Support universal access control Network Access Control Identity-based control is at the heart of network access control. Controlling user access, by role, is essential to data protection, LAN security, and mitigating the insider threat. Identity-based control is implemented via policies. For example, IT could define a policy that lets users in engineering access a code-development server and edit files on it but prevents those users from copying files from that server. In the event a user attempts to copy a file, that action will be denied. Once policies are defined, they are downloaded to enforcement devices, which monitor LAN traffic to apply those policies. Policy creation and enforcement are the mechanisms for applying network access control to users; these policy tools must provide a rich set of functionality and therefore have their own requirements. Policy Creation Requirements Ease of use Centralized policy creation and distribution capability Support for a rich, flexible set of policies Policy Enforcement Requirements Be deployed in-line Learn user identity Extract user role data from third-party identity databases in real-time Tie user to policy Recognize a wide range of policy filters Apply rich enforcement actions (permit/deny traffic, log activity, mirror traffic) You can’t control what you can’t see. Therefore, ConSentry engineered the LANShield product family from the ground up to provide real-time user-based visibility of LAN traffic. As a result of this granular view of traffic, the LANShield product family ties all LAN activity back to specific users regardless of their network connection. The LANShield product family allows IT managers to define policies using the full range of traffic characteristics the platforms see and to limit users’ access to networked resources based on their role in the organization. The ConSentry platforms’ robust role-based network access control easily addresses the requirements for user control, policy creation, and policy enforcement. » Download the Identity-based Control Solution Brief

White Paper

		User Access Control: How ConSentry Delivers Role-based provisioning.

	» Download White Paper

Customers


	"ConSentry gives us a simple, cost-effective way to make sure only the right people get onto the LAN and conduct only allowed operations." » More Customers

Online Demo

		Learn more about our LANShield solution in this two-minute Flash demo.

	» Watch the Demo




	Network Access Control \| LAN Segmentation \| Network Visibility and Control \| Intelligent Switching
	Home \| Products \| Solutions \| Partners \| News \| Support \| Site Map \| Privacy \| En Garde Blog
	Copyright © 2008, ConSentry Networks. All rights reserved. \| 1690 McCandless Drive, Milpitas, CA 95035 \| +1 408-956-2100 \| 1-866-841-9100

Identity-based Control

Network Access Control

Policy Creation Requirements

Policy Enforcement Requirements