 |
LANShield™ Controller Family
Cost-effective, Transparent Deployment
ConSentry Networks delivers intelligent control, making it easy for IT to control users and applications on the LAN. The ConSentry LANShield platforms — the LANShield Switch and LANShield Controller — tie together user, device, role, application, and destination to provide a level of business context not possible with legacy switch architectures. With this context, IT can more easily boost employee productivity, protect assets, and simplify operations.
The LANShield Controller makes it easy for IT to embed user and application control directly into the LAN infrastructure. It augments existing switches with user and application intelligence that makes applying controls and segmenting users on the LAN much easier than using traditional tools such as VLANs or ACLs, lowering IT’s cost of operations.
Custom silicon provides the foundation for these control capabilities. This custom hardware includes a multi-core processor and programmable ASICs that perform packet processing for monitoring and control at up to 10 Gbps. The programmability of the hardware enables ConSentry to keep pace with changes in applications and security requirements.
The LANShield intelligent control architecture enables enterprises to monitor and control all user traffic with minimal impact on the existing infrastructure. ConSentry leverages existing OS authentication mechanisms, such as the Windows login. The LANShield Controllers enforce policy directly, without the need for new VLANs or ACLs in the network or new supplicants or agents on the clients.
Transparency and High Availability
The LANShield Controller sits between access switches and the distribution or core layer, aggregating uplinks from wiring closets and enforcing access policies on all traffic. A transparent device, the LANShield Controller requires no changes to network design or user behavior, simplifying deployment and reducing operational costs.
| |
 |
The LANShield Controllers deploy transparently between existing switches, providing intelligent switching to control users and applications.
|
| |
The Controller supports high-availability and resiliency modes. Enterprises that have dual-homed wiring closet switches can deploy two ConSentry LANShield Controllers as peers — the two platforms share authentication state and preserve user authentications in case of failover. In addition, the Controller itself supports two failure modes. IT can set the device to fail to pass-through, where all LAN traffic will traverse the Controller untouched, or fail to block, where all traffic is stopped. The Controller also includes redundant power supplies and fans.
Deployment Options and IT Initiatives
The LANShield Controller sits behind existing switches to augment the LAN with user and application control. IT can leverage the LANShield Controller to:
-
troubleshoot user and application issues more quickly
-
support non-user devices such as robotics and IP phones
-
limit access to resources
-
track all user activity for auditing
-
support a more dynamic and diverse workforce
-
more easily roll out new applications, systems, and business locations
Ordering Information
Part No. |
Description |
| CS1000-ACAC |
10 unpopulated SFP cages (4 secure data port pairs + 2 extensibility ports), 2 AC PSUs, and 1 mgmt port. It supports 400 authenticated users. |
| CS2400-ACAC |
24 unpopulated SFP cages (10 secure data port pairs + 4 extensibility ports), 2 AC PSUs, and 1 mgmt port. It supports 1000 authenticated users. |
CS1000-4C-TO-8C-UPGD
|
For CS1000 - upgrade license to support 800 authenticated users |
| CS2400-1K-TO-2K-UPGD |
For CS2400 - upgrade license to support 2000 authenticated users |
|
|
»
