TippingPoint Network Access Control (NAC)
The TippingPoint NAC solution enables enterprises to enforce device and user policies to ensure endpoint compliance and granular network compliance even after initial network entry. TippingPoint NAC provides multiple enforcement options, including inline enforcement with the TippingPoint NAC Enforcer, and out-of-band options using 802.1x or DHCP, with support for various vendors and network topologies. The integration of device, user and IPS-based traffic classification and enforcement provides much greater control over network access and usage, reducing network vulnerabilities while improving policy and regulatory compliance.
In a TippingPoint NAC environment, access policies subject each device and user pair to rigorous authentication, authorization, posture compliance checks and enforcement. Non-compliant devices are directed to remediate based on policy class. User access rights are controlled through integration with existing rights management systems including Active Directory, LDAP and RADIUS. TippingPoint NAC, including the NAC Policy Enforcer and the NAC Policy Server, then interoperates with the TippingPoint IPS to ensure all malicious traffic is blocked from each endpoint and suspect or non-compliant traffic triggers other policy-controlled actions, including blocking, quarantining, alerting or rate shaping. Now, network and security personnel have unprecedented control over the entire network perimeter with integrated policy-based visibility and control of users, devices and traffic flows.
While network access control combined with the IPS is the ideal protection path, the TippingPoint NAC Policy Enforcer and Policy Server can also be deployed without an IPS.
TippingPoint NAC Policy Server
The NAC Policy Server provides centralized policy management as part of the TippingPoint NAC solution, and offers advanced reporting and event correlation. The centralized Web-based console allows network administrators to quickly scan through the entire network, in real-time, viewing the activity and performance of all users, applications, connections and devices. This greatly reduces troubleshooting time and expedites problem resolution. The NAC Policy Server economically scales to accommodate network infrastructure growth of users, groups and applications using a distributed design which includes the NAC Policy Enforcer. Detailed reporting provides metrics like minutes-used, and bandwidth consumed by device, user, group, access point to enable support for multiple service level agreements (SLAs). A single NAC Policy Server can support up to approximately 5,000 users.
TippingPoint NAC Policy Enforcer
The TippingPoint NAC Policy Enforcer is an in-line appliance that provides access control enforcement based on user and device criteria. It allows network administrators to designate access rules based on user identity and device type, rather than traditional port-based segmentation that may only restrict by location. As more mobile devices are introduced to the network, and enterprise employees become more transient, the network perimeter continues to erode. As consultants, contractors and guests are authorized for internal network access, an inline enforcement tool based on identity is necessary to permit only eligible users onto the network with access to only authorized resources. Working in concert with the NAC Policy Server, the NAC Policy Enforcer receives up-to-date policies for any new connection on the network, and receives any changes in a user's authentication state, and time and location-based rules.
TippingPoint Network Access Control Overview
Secure Access Central Portal
Download NAC Product Selection Guide
RSS FEEDS
FACEBOOK PAGE
TWITTER PAGE