Comprehensive Visibility
You can't control what you can't see. To be effective, a LAN security platform must provide visibility into LAN traffic in a way that’s useful to IT and allows for appropriate levels of control. While auditing requires the tracking and storage of large volumes of data, day-to-day security management depends on having information that enables fast incident response.
Rather than sort through reams of raw data, which are hard to process or act on, IT needs the ability to manage by exception – to have visibility into what has changed on the network or what has happened out of the ordinary, such as a user attempting to reach an off-limits server. Security-related information must be presented in an easy-to-navigate fashion, with incident-based data synthesized and presented in high level views that IT can then drill down into for more detail. And a security platform must be able to automatically act on what it sees, based on defined policies.
For security purposes, what IT needs is visibility into actionable information. Therefore, a network access control solution must meet the following visibility requirements:
- Tie all LAN traffic to the user
- Perform deep packet inspection on all flows
- Retain statistics about all flows
- Provide real-time and historical data
- Provide an aggregated view of the LAN’s security health
- Provide key user data
- Track security incidents
- Show “top talker” and “bottom talker” information
- Show detailed application information
Through stateful deep packet inspection with full Layer 7 application decode, the ConSentry LANShield product family is able to provide the level of traffic visibility needed for full network access control. The data enables security-related control, incident response, auditing, and trend analysis. The ConSentry InSight command center is IT’s window into all users, LAN traffic, and violations, and is also the means by which IT defines and distributes policies centrally.
With InSight, IT can see and control all traffic on a per-user, per-flow basis, as well as define role-based access control policies and malware control policies. This combination of full visibility and network access control ensures that enterprise assets are protected and network availability remains high. Likewise, InSight’s comprehensive traffic tracking allows for rapid troubleshooting, auditing and reporting for compliance and business needs, and forensics.
The LANShield product family provides comprehensive visibility needed for LAN security - providing actionable information as the foundation for network access control.
» Download the Visibility Solution Brief
|
»
