Bradford Networks for Enterprise
Network Access Control (NAC), BYOD
Keeping Your Network Secure When Less Secure Devices are Connecting
You’ve installed wired and wireless network connectivity throughout your organization to ensure anywhere, anytime access to your employees, guests, and contractors.
Securing your network, in the era of BYOD, can be a daunting challenge for even the most highly-staffed IT organizations. How do you ensure only authorized users are accessing network resources? That only known (registered) devices are connecting? That computers on the network comply with your security policies and don’t create backdoors into your network?
As more devices connect to your network, it magnifies the attack surface and creates additional risk. A simple bifurcated employee and guest network is no longer granular enough to address the demands of BYOD. All it takes is a single unprotected, vulnerable device connecting to the wrong area of your network and your sensitive information is in jeopardy. Today’s networks require greater visibility, smarter policies, and more granular control to manager security and provide users a safe level of access to maximize productivity.
Bradford Network’s Network Sentry provides complete visibility and control of all users and devices on the network to prevent unauthorized access and keep the network secure. Network Sentry registers and authenticates all users and their associated devices, monitors their access and network usage, and dynamically provisions role-based policies to ensure that users get to only the resources they should.
Network Sentry automates enforcement of your established endpoint security policies to ensure compliance and to isolate any non-compliant devices from the network. And, to ease the burden on your help desk, it can inform users why their network access has been restricted, while providing them with instructions and limited network connectivity to correct policy compliance issues themselves without engaging IT staff. In addition, leveraging a self-service device registration and captive portals, large volumes of user devices can be onboarded quickly and easily.
Network Sentry’s flexible platform is architected to allow customers to implement security solutions in phases for a wide range of use cases or levels of security sophistication ranging from “monitor only” mode for network-wide visibility, to “friend or foe” and role-based access control policies, guest access, BYOD security policies, or even advanced policy management. Unlike competitors’ in-band architecture, Network Sentry’s out-of-band architecture centralizes functionality and enables broad scale deployments at a reasonable cost.
With Network Sentry devices attempting to connect to the network are evaluated before allowing a connection (pre-connect) whereas competing products allow any device open network access for up to 45 seconds while they complete an assessment and implement a decision (post connect). Network Sentry can be deployed on a dedicated hardware appliance, as a virtual appliance, or delivered in the cloud as a SaaS offering depending on customers’ needs and preferences.