{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"comparison":{"compare":{"_type":"localeString","en":"Compare","ru":"Сравнить"},"characteristics":{"ru":"Характеристики","_type":"localeString","en":"Characteristics"},"additional_template":{"ru":"Дополнительные характеристики","_type":"localeString","en":"Additional characteristics"},"nothing_to_show":{"ru":"Нет данных для отображения","_type":"localeString","en":"No data to compare"}},"header":{"help":{"ru":"Помощь","_type":"localeString","en":"Help","de":"Hilfe"},"how":{"en":"How does it works","de":"Wie funktioniert es","ru":"Как это работает","_type":"localeString"},"login":{"ru":"Вход","_type":"localeString","en":"Log in","de":"Einloggen"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"de":"FAQ","ru":"FAQ","_type":"localeString","en":"FAQ"},"references":{"en":"Requests","de":"References","ru":"Мои запросы","_type":"localeString"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find-it-product":{"ru":"Подбор и сравнение ИТ продукта","_type":"localeString","en":"Selection and comparison of IT product"},"autoconfigurator":{"ru":"Калькулятор цены","_type":"localeString","en":" Price calculator"},"comparison-matrix":{"ru":"Матрица сравнения","_type":"localeString","en":"Comparison Matrix"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"business-booster":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business boosting"},"catalogs":{"_type":"localeString","en":"Catalogs","ru":"Каталоги"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"ru":"Внедрения","_type":"localeString","en":"Deployments"},"companies":{"en":"Companies","ru":"Компании","_type":"localeString"},"categories":{"_type":"localeString","en":"Categories","ru":"Категории"},"for-suppliers":{"ru":"Поставщикам","_type":"localeString","en":"For suppliers"},"blog":{"ru":"Блог","_type":"localeString","en":"Blog"},"agreements":{"_type":"localeString","en":"Deals","ru":"Сделки"},"my-account":{"en":"My account","ru":"Мой кабинет","_type":"localeString"},"register":{"ru":"Зарегистрироваться","_type":"localeString","en":"Register"},"comparison-deletion":{"ru":"Удаление","_type":"localeString","en":"Deletion"},"comparison-confirm":{"ru":"Подтвердите удаление","_type":"localeString","en":"Are you sure you want to delete"},"search-placeholder":{"ru":"Введите поисковый запрос","_type":"localeString","en":"Enter your search term"},"my-profile":{"ru":"Мои данные","_type":"localeString","en":"My profile"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"sub_it_catalogs":{"_type":"localeString","en":"Find IT product"},"sub_b4reference":{"_type":"localeString","en":"Get reference from user"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"_type":"localeString","en":"Products"},"b4reference":{"en":"Bonus4Reference","_type":"localeString"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"_type":"localeString","en":"Find and compare IT products"},"it_implementations":{"en":"Learn implementation reviews","_type":"localeString"},"it_companies":{"_type":"localeString","en":"Find vendor and company-supplier"},"it_categories":{"en":"Explore IT products by category","_type":"localeString"},"it_our_products":{"_type":"localeString","en":"Our Products"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString","en":"All rights reserved"},"company":{"ru":"О компании","_type":"localeString","en":"My Company","de":"Über die Firma"},"about":{"en":"About us","de":"Über uns","ru":"О нас","_type":"localeString"},"infocenter":{"en":"Infocenter","de":"Infocenter","ru":"Инфоцентр","_type":"localeString"},"tariffs":{"de":"Tarife","ru":"Тарифы","_type":"localeString","en":"Subscriptions"},"contact":{"de":"Kontaktiere uns","ru":"Связаться с нами","_type":"localeString","en":"Contact us"},"marketplace":{"en":"Marketplace","de":"Marketplace","ru":"Marketplace","_type":"localeString"},"products":{"de":"Produkte","ru":"Продукты","_type":"localeString","en":"Products"},"compare":{"de":"Wähle und vergleiche","ru":"Подобрать и сравнить","_type":"localeString","en":"Pick and compare"},"calculate":{"de":"Kosten berechnen","ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost"},"get_bonus":{"_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс"},"salestools":{"en":"Salestools","de":"Salestools","ru":"Salestools","_type":"localeString"},"automatization":{"de":"Abwicklungsautomatisierung","ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation"},"roi_calcs":{"de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"matrix":{"de":"Vergleichsmatrix","ru":"Матрица сравнения","_type":"localeString","en":"Comparison matrix"},"b4r":{"de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString","en":"Rebate 4 Reference"},"our_social":{"de":"Unsere sozialen Netzwerke","ru":"Наши социальные сети","_type":"localeString","en":"Our social networks"},"subscribe":{"de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter"},"subscribe_info":{"en":"and be the first to know about promotions, new features and recent software reviews","ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString"},"policy":{"ru":"Политика конфиденциальности","_type":"localeString","en":"Privacy Policy"},"user_agreement":{"ru":"Пользовательское соглашение ","_type":"localeString","en":"Agreement"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find":{"en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта","_type":"localeString"},"quote":{"ru":"Калькулятор цены","_type":"localeString","en":"Price calculator"},"boosting":{"en":"Business boosting","ru":"Развитие бизнеса","_type":"localeString"},"4vendors":{"_type":"localeString","en":"4 vendors","ru":"поставщикам"},"blog":{"ru":"блог","_type":"localeString","en":"blog"},"pay4content":{"en":"we pay for content","ru":"платим за контент","_type":"localeString"},"categories":{"_type":"localeString","en":"categories","ru":"категории"},"showForm":{"ru":"Показать форму","_type":"localeString","en":"Show form"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"ru":"Email","_type":"localeString","en":"Email"},"subscribe__name-label":{"_type":"localeString","en":"Name","ru":"Имя"},"subscribe__required-message":{"en":"This field is required","ru":"Это поле обязательное","_type":"localeString"},"subscribe__notify-label":{"ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и предложениях","_type":"localeString","en":"Yes, please, notify me about news, events and propositions"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"ru":"Подписаться","_type":"localeString","en":"Subscribe"},"subscribe__email-message":{"_type":"localeString","en":"Please, enter the valid email","ru":"Пожалуйста, введите корректный адрес электронной почты"},"subscribe__email-placeholder":{"_type":"localeString","en":"username@gmail.com","ru":"username@gmail.com"},"subscribe__name-placeholder":{"en":"Last, first name","ru":"Имя Фамилия","_type":"localeString"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check you mailbox."},"subscribe__error":{"ru":"Не удалось оформить подписку. Пожалуйста, попробуйте позднее.","_type":"localeString","en":"Subscription is unsuccessful. Please, try again later."},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"en":"Home","ru":"Главная","_type":"localeString"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"login":{"ru":"Вход","_type":"localeString","en":"Login"},"registration":{"ru":"Регистрация","_type":"localeString","en":"Registration"},"b2b-platform":{"en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString"}},"comment-form":{"title":{"ru":"Оставить комментарий","_type":"localeString","en":"Leave comment"},"firstname":{"_type":"localeString","en":"First name","ru":"Имя"},"lastname":{"en":"Last name","ru":"Фамилия","_type":"localeString"},"company":{"ru":"Компания","_type":"localeString","en":"Company name"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"ru":"Фактическая стоимость","_type":"localeString","en":"Actual cost"},"received-roi":{"_type":"localeString","en":"Received ROI","ru":"Полученный ROI"},"saving-type":{"_type":"localeString","en":"Saving type","ru":"Тип экономии"},"comment":{"_type":"localeString","en":"Comment","ru":"Комментарий"},"your-rate":{"_type":"localeString","en":"Your rate","ru":"Ваша оценка"},"i-agree":{"ru":"Я согласен","_type":"localeString","en":"I agree"},"terms-of-use":{"ru":"С пользовательским соглашением и политикой конфиденциальности","_type":"localeString","en":"With user agreement and privacy policy"},"send":{"ru":"Отправить","_type":"localeString","en":"Send"},"required-message":{"en":"{NAME} is required filed","ru":"{NAME} - это обязательное поле","_type":"localeString"}},"maintenance":{"title":{"_type":"localeString","en":"Site under maintenance","ru":"На сайте проводятся технические работы"},"message":{"_type":"localeString","en":"Thank you for your understanding","ru":"Спасибо за ваше понимание"}}},"translationsStatus":{"comparison":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"comparison":{"title":{"en":"Compare products","ru":"Сравнить продукты","_type":"localeString"}}},"pageMetaDataStatus":{"comparison":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loading":false,"error":false,"templatesById":{"79":{"id":79,"title":"Network Admission Control (NAC)","characteristics":[{"id":1286,"title":"Ease of Implementation","required":0,"type":"select"},{"id":1288,"title":"Software-Based","required":0,"type":"select"},{"id":1290,"title":"Heterogeneous Network","required":0,"type":"select"},{"id":1292,"title":"Centrally Managed","required":0,"type":"select"},{"id":1294,"title":"VLAN Segmentation","required":0,"type":"select"},{"id":1296,"title":"Standardized API","required":0,"type":"select"},{"id":1298,"title":"Role-Based Policies","required":0,"type":"select"},{"id":1300,"title":"Agentless","required":0,"type":"select"},{"id":1302,"title":"Full Non-802.1X Deployment","required":0,"type":"select"},{"id":1304,"title":"No Requirement for Topology Changes","required":0,"type":"select"},{"id":1306,"title":"Scalable Deployments","required":0,"type":"select"},{"id":1308,"title":"Remote Branch Deployments","required":0,"type":"select"},{"id":1310,"title":"Wireless Support","required":0,"type":"select"},{"id":1312,"title":"Device Visibility","required":0,"type":"select"},{"id":1314,"title":"Application Visibility","required":0,"type":"select"},{"id":1316,"title":"IOT Device Visibility & Control","required":0,"type":"select"},{"id":1318,"title":"Network View","required":0,"type":"select"},{"id":1320,"title":"Incident Response","required":0,"type":"select"},{"id":1322,"title":"Guest Access","required":0,"type":"select"},{"id":1324,"title":"BYOD","required":0,"type":"select"}]}},"comparisonByTemplateId":{},"products":[{"id":3076,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Aruba_Clearpass.jpg","logo":true,"schemeURL":"https://old.roi4cio.com/fileadmin/user_upload/Aruba-ClearPass-scheme.png","scheme":true,"title":"Aruba ClearPass","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"alias":"aruba-clearpass","companyTypes":[],"description":"<p><span style=\"font-weight: bold;\">ClearPass</span> allows you to safely connect business and personal devices to your network in compliance with your security policies. It allows you to grant full or limited access to devices based on users&rsquo; roles, device type, and cybersecurity posture.</p>\r\n<p><span style=\"font-weight: bold;\">This solution leverages the next plan:</span></p>\r\n<p><span style=\"font-weight: bold;\">Identify</span></p>\r\n<p>With this new demand for network access, the burden on your IT department has increased exponentially and it&rsquo;s not just laptops and smartphones that should be on your radar. IoT devices, printers, and even surveillance cameras are connecting to companies&rsquo; wireless networks.</p>\r\n<p>ClearPass helps you identify which devices are being used, how many are connected to your network, where they&rsquo;re connecting from, and which operating systems are supported. It gives you continuous visibility into changes on your network, including which devices are connecting and disconnecting.</p>\r\n<p>When you need device-specific information, you can easily identify a device&rsquo;s:</p>\r\n<ul>\r\n<li>Type and model name</li>\r\n<li>MAC address</li>\r\n<li>IP address</li>\r\n<li>NIC vendor</li>\r\n<li>OS and version number</li>\r\n<li>VLAN</li>\r\n</ul>\r\n<p><span style=\"font-weight: bold;\">Enforce</span></p>\r\n<p>Enforcing network policies can pose a huge challenge to IT departments. When an employee wants to add a new device to the network, they often have to go through extensive IT protocols. They may even need someone from IT to walk them through the process.</p>\r\n<p>ClearPass allows you to enforce policies during the onboarding of new devices without any involvement from your IT department &ndash; whether it&rsquo;s a laptop, smartphone, or security camera. A built-in certificate authority lets you support devices more quickly without any additional IT resources.</p>\r\n<p>Your IT team will simply need to establish your foundation of security and write rules that define:</p>\r\n<ul>\r\n<li>Who can onboard a device</li>\r\n<li>The type of device users can onboard</li>\r\n<li>How many devices each user can onboard</li>\r\n</ul>\r\n<p>You can then enforce access a number of ways. You can use a portal, or you can use the more secure and preferred method that uses encryption in the authentication process. After devices are granted access, ClearPass uses active and passive profiling methods to monitor your network and keep it safe.</p>\r\n<p><span style=\"font-weight: bold;\">Protect</span></p>\r\n<p>The health of individual devices connected to your network is an essential component of network security. With ClearPass OnGuard, your IT team can define the &ldquo;level of health&rdquo; a device must have in order to gain network access.</p>\r\n<p>This solution automatically conducts critical endpoint health checks and posture assessments to ensure that all devices are compliant with your requirements (and industry best practices). It works for both wired and wireless networks.</p>\r\n<p>ClearPass also offers a variety of third-party integrations (which we&rsquo;ll touch on shortly). These integrations empower you to implement dynamic policy controls and threat remediation. You&rsquo;ll have real-time insight into the activity on your network, equipping you to identify and address any threats that may present themselves.<br />After all, you have to be prepared to take action if you discover unusual network behavior. That requires establishing a unified approach that can block traffic and disconnect devices when necessary &ndash; even in the middle of the night.</p>\r\n<p><span style=\"font-weight: bold;\">Integrate</span></p>\r\n<p>The right network security solution must be comprehensive and that often requires you to create a seamless solution comprised of several different platforms.</p>\r\n<p>Aruba ClearPass Exchange integrates with over 25 IT partners &ndash; the vast majority of your current technology and security stacks - to ensure that every element of your system is working without issue.</p>\r\n<p>These third-party technology systems could include:</p>\r\n<ul>\r\n<li>Firewalls</li>\r\n<li>Enterprise mobility management (EMM)</li>\r\n<li>Mobile device management (MDM)</li>\r\n<li>Security information and event management (SIEM)</li>\r\n</ul>\r\n<p>Whichever platforms you use (or are considering), they will work with ClearPass&rsquo; REST-based APIs, Syslog messaging, and extensions repository. Your collective solution will deliver end-to-end policy enforcement and the visibility you need to keep your network secure.</p>\r\n<p>&nbsp;</p>\r\n<p>Source: <a href=\"https://inbound.kelsercorp.com/blog/what-is-aruba-clearpass-and-how-does-it-protect-your-network\" target=\"_blank\" rel=\"noopener\">inbound.kelsercorp.com/blog/what-is-aruba-clearpass-and-how-does-it-protect-your-network</a></p>","shortDescription":"Aruba ClearPass is a policy management platform that many businesses are implementing to effortlessly onboard new devices, grant varying access levels, and keep their networks secure.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":0,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Aruba ClearPass","keywords":"","description":"<p><span style=\"font-weight: bold;\">ClearPass</span> allows you to safely connect business and personal devices to your network in compliance with your security policies. It allows you to grant full or limited access to devices based on users&rsquo; roles, dev","og:title":"Aruba ClearPass","og:description":"<p><span style=\"font-weight: bold;\">ClearPass</span> allows you to safely connect business and personal devices to your network in compliance with your security policies. It allows you to grant full or limited access to devices based on users&rsquo; roles, dev","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Aruba_Clearpass.jpg"},"eventUrl":"","translationId":3076,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":205,"title":"NAC - Network Access Control","alias":"nac-network-access-control","description":"<span style=\"font-weight: bold; \">Network Access Control (NAC)</span> is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement. NAC solutions have become an extremely valuable tool in recent years, as mobile devices and the Internet of Things (IoT) have surged to prominence in various industries across the world. These new pieces of emerging technology come with their own set of vulnerabilities, which poses a challenge to IT security experts. \r\nNAC systems are put into place to make sure that anyone who enters the system, both in terms of users and devices, is authorized. After being routed the efforts at connection, the network access control system confirms privileges using an identity and access management (IAM, a program that checks users for appropriate permissions to access data materials, as indicated by internal policies). With the information from the IAM, along with a pre-established list of rules, the NAC software is able to smartly accept or deny access requests.\r\nFortunately, NAC products are designed to handle large enterprise networks that have a range of device types trying to connect at all times. Without a NAC in place, companies take on a huge amount of risk by adopting a bring-your-own-device (BYOD) policy, which allows employees and vendors to use their own smartphones and tablets on the local network. Network access control software and hardware require an upfront investment but prove their worth in the long run.","materialsDescription":"<h1 class=\"align-center\">&nbsp;How a NAC solution works?</h1>\r\nWhen you adopt a network access control solution, the first thing it will do is find all devices currently accessing the system; identify what kind of device they are; and determine whether to validate them and how to treat them using preestablished protocols designed by the company’s security personnel. A network access control system has rules related to a wide spectrum of devices, along with finely grained settings to help you determine permissions. A unified administrative system houses these rules and applies them as needed.\r\nMany companies will utilize NAC as their staff grows and they have an increasing number of devices to manage. These solutions are also helpful for achieving data protection across a variety of different branch locations. The difficulty of securing an organization and managing access has become especially overwhelming in an era when widespread incorporation of IOT devices is becoming more common throughout business; NAC is the fix. The general issue with bring your own device (BYOD), though, is what drew many businesses to this service.\r\n<h1 class=\"align-center\">How to Choose a Network Access Control Solution</h1>\r\nTo help narrow down your search for NAC products, you should first focus on tools that offer native integration with your enterprise’s existing software. You don’t want to have to change your infrastructure or network design in order to bring the NAC solution online. If you are heavily dependent on a cloud architecture, then look for solutions that are fully supported by your hosting provider.\r\nNext, think about what kind of proactive tools come included with the NAC suite. Some vendors offer all-in-one packages that feature a full virus scanning utility and firewall mechanism alongside everything else in the NAC. If your IT security strategy is not very mature, this kind of suite may be very helpful.\r\nOf course, one key factor when looking at NAC options is the price point. Some vendors will sell their products at a flat rate, while others are quickly going the route of Software as a Service (SaaS) subscription, an increasingly-popular business model that requires a monthly payment and ongoing contract. Think about the state of your IT budget while remembering that the upfront investment could save you lots of money down the road."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"79":{"1286":{"id":8035,"characteristicId":1286,"templateId":79,"value":"Requires network pre-requisites"},"1288":{"id":8036,"characteristicId":1288,"templateId":79,"value":"Virtual or hardware appliance"},"1290":{"id":8037,"characteristicId":1290,"templateId":79,"value":"Can integrate with some infrastructure"},"1292":{"id":8038,"characteristicId":1292,"templateId":79,"value":"Recommends appliances for deployment in all locations"},"1294":{"id":8039,"characteristicId":1294,"templateId":79,"value":"Available only with 802.1X"},"1296":{"id":8040,"characteristicId":1296,"templateId":79,"value":"Inbound and outbound APIs"},"1298":{"id":8041,"characteristicId":1298,"templateId":79,"value":"More effective with 802.1X"},"1300":{"id":8042,"characteristicId":1300,"templateId":79,"value":"Optimal with agent"},"1302":{"id":8043,"characteristicId":1302,"templateId":79,"value":"Optional 802.1X authentication"},"1304":{"id":8044,"characteristicId":1304,"templateId":79,"value":"Network firmware upgrades, complex configuration, RADIUS"},"1306":{"id":8045,"characteristicId":1306,"templateId":79,"value":"802.1X limits scalability of deployments"},"1308":{"id":8046,"characteristicId":1308,"templateId":79,"value":"Requires on site configuration and challenges branch availability"},"1310":{"id":8047,"characteristicId":1310,"templateId":79,"value":"Wireless via 802.1X"},"1312":{"id":8048,"characteristicId":1312,"templateId":79,"value":"Visibility enhanced with 802.1X compatible devices"},"1314":{"id":8049,"characteristicId":1314,"templateId":79,"value":"Requires agent"},"1316":{"id":8050,"characteristicId":1316,"templateId":79,"value":"Discovery and control capabilities"},"1318":{"id":8051,"characteristicId":1318,"templateId":79,"value":"No capability for full network view"},"1320":{"id":8052,"characteristicId":1320,"templateId":79,"value":"Lack of context, requires manual intervention"},"1322":{"id":8053,"characteristicId":1322,"templateId":79,"value":"Full capabilities for guest access"},"1324":{"id":8054,"characteristicId":1324,"templateId":79,"value":"BYOD control and visibility with captive portal"}}}},{"id":461,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Cisco_ISE__IDENTITY_SERVICES_ENGINE_.jpg","logo":true,"schemeURL":"https://old.roi4cio.com/fileadmin/user_upload/Cisco_Identity_Services_Engine_scheme.png","scheme":true,"title":"CISCO ISE (Identity Services Engine)","vendorVerified":0,"rating":"2.80","implementationsCount":7,"suppliersCount":0,"alias":"cisco-ise-identity-services-engine","companyTypes":[],"description":"\r\n<p>The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. It gives you intelligent, integrated protection through intent-based policy and compliance solutions. And it is all delivered with streamlined, centralized management that lets you scale securely in today's market.</p>\r\n<p>Username is a key element in determining access to a network. Username can also help you alert you users to potentially suspicious activity with their devices. It answers the all-important question of who is connected to your network.</p>\r\n<p>The Cisco Identity Services Engine (ISE) Passive Identity Connector centralizes, consolidates, and distributes identity information, including IP addresses, MAC addresses, and usernames. At the same time it offloads work from key infrastructure such as Microsoft Active Directory.</p>\r\n<p>Many servers on the network are active participants in user authentication. They take user credentials and either verify them or look them up in a dedicated repository such as Active Directory. Rather than being actively involved in user authentication, the Passive Identity Connector listens to the various authentication servers on the network. It centralizes the authentication information, becoming the single source of truth for its subscribers.</p>\r\n<p>The Passive Identity Connector distributes the session identity information to other devices on the network that are natural consumers of such information. These devices include firewalls, web security appliances, and traffic analyzers. Using the Cisco Platform Exchange Grid (pxGrid), the Cisco ISE Passive Identity Connector can support up to 20 subscribers.</p>\r\n<p><span style=\"font-weight: bold;\">Features:</span></p>\r\n<ul>\r\n<li>Centralized information</li>\r\n<li>Improved performance</li>\r\n<li>Syslog server support</li>\r\n<li>Active Directory support</li>\r\n<li>Kerberos SPAN support</li>\r\n<li>Endpoint probes</li>\r\n<li>Active Directory agent</li>\r\n<li>Support for custom APIs</li>\r\n<li>Citrix Terminal Server support</li>\r\n<li>High availability</li>\r\n<li>Migration support</li>\r\n<li>Virtual machine support</li>\r\n<li>Scalability</li>\r\n</ul>\r\n<p><span style=\"font-weight: bold;\">Benefits:</span></p>\r\n<ul>\r\n<li>Consolidates data from multiple authentication sources, eliminating the need for every system that requires authentication data to interact with every authentication source</li>\r\n<li>Eliminates the burden on an often-overtaxed infrastructure with a single system that caches data for other authentication data consumers</li>\r\n<li>Gathers authentication data from systems that support syslog</li>\r\n<li>Gathers authentication data from Active Directory through the Microsoft Windows Management Interface (WMI)</li>\r\n<li>Gathers Active Directory authentication data from switches supporting Kerberos SPAN</li>\r\n<li>Understands when endpoints log off</li>\r\n<li>Gathers authentication data from up to 10 Microsoft Active Directory domain controllers</li>\r\n<li>Gathers authentication data from systems that support a custom interface</li>\r\n<li>Gathers authentication data from Citrix Terminal Server</li>\r\n<li>Supports active/passive redundancy</li>\r\n<li>Customers may upgrade from the Cisco ISE Passive Identity Connector to Cisco ISE, adding the Passive Identity Connector node to an existing Cisco ISE cluster.</li>\r\n<li>Supports KVM, VMware, and Hyper-V</li>\r\n<li>Tailored to fit your organization with support for 3,000 and 300,000 sessions</li>\r\n</ul>\r\n","shortDescription":"Cisco Identity Services Engine - усовершенствование мониторинга, контроль доступа, сдерживание угроз","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":8,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"CISCO ISE (Identity Services Engine)","keywords":"","description":"\r\n<p>The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. It gives you intelligent, integrated protection through intent-based policy and compliance solutions. And it is all delive","og:title":"CISCO ISE (Identity Services Engine)","og:description":"\r\n<p>The Cisco Identity Services Engine (ISE) offers a network-based approach for adaptable, trusted access everywhere, based on context. It gives you intelligent, integrated protection through intent-based policy and compliance solutions. And it is all delive","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Cisco_ISE__IDENTITY_SERVICES_ENGINE_.jpg"},"eventUrl":"","translationId":3074,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":205,"title":"NAC - Network Access Control","alias":"nac-network-access-control","description":"<span style=\"font-weight: bold; \">Network Access Control (NAC)</span> is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement. NAC solutions have become an extremely valuable tool in recent years, as mobile devices and the Internet of Things (IoT) have surged to prominence in various industries across the world. These new pieces of emerging technology come with their own set of vulnerabilities, which poses a challenge to IT security experts. \r\nNAC systems are put into place to make sure that anyone who enters the system, both in terms of users and devices, is authorized. After being routed the efforts at connection, the network access control system confirms privileges using an identity and access management (IAM, a program that checks users for appropriate permissions to access data materials, as indicated by internal policies). With the information from the IAM, along with a pre-established list of rules, the NAC software is able to smartly accept or deny access requests.\r\nFortunately, NAC products are designed to handle large enterprise networks that have a range of device types trying to connect at all times. Without a NAC in place, companies take on a huge amount of risk by adopting a bring-your-own-device (BYOD) policy, which allows employees and vendors to use their own smartphones and tablets on the local network. Network access control software and hardware require an upfront investment but prove their worth in the long run.","materialsDescription":"<h1 class=\"align-center\">&nbsp;How a NAC solution works?</h1>\r\nWhen you adopt a network access control solution, the first thing it will do is find all devices currently accessing the system; identify what kind of device they are; and determine whether to validate them and how to treat them using preestablished protocols designed by the company’s security personnel. A network access control system has rules related to a wide spectrum of devices, along with finely grained settings to help you determine permissions. A unified administrative system houses these rules and applies them as needed.\r\nMany companies will utilize NAC as their staff grows and they have an increasing number of devices to manage. These solutions are also helpful for achieving data protection across a variety of different branch locations. The difficulty of securing an organization and managing access has become especially overwhelming in an era when widespread incorporation of IOT devices is becoming more common throughout business; NAC is the fix. The general issue with bring your own device (BYOD), though, is what drew many businesses to this service.\r\n<h1 class=\"align-center\">How to Choose a Network Access Control Solution</h1>\r\nTo help narrow down your search for NAC products, you should first focus on tools that offer native integration with your enterprise’s existing software. You don’t want to have to change your infrastructure or network design in order to bring the NAC solution online. If you are heavily dependent on a cloud architecture, then look for solutions that are fully supported by your hosting provider.\r\nNext, think about what kind of proactive tools come included with the NAC suite. Some vendors offer all-in-one packages that feature a full virus scanning utility and firewall mechanism alongside everything else in the NAC. If your IT security strategy is not very mature, this kind of suite may be very helpful.\r\nOf course, one key factor when looking at NAC options is the price point. Some vendors will sell their products at a flat rate, while others are quickly going the route of Software as a Service (SaaS) subscription, an increasingly-popular business model that requires a monthly payment and ongoing contract. Think about the state of your IT budget while remembering that the upfront investment could save you lots of money down the road."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"79":{"1286":{"id":6641,"characteristicId":1286,"templateId":79,"value":"Requires network pre-requisites"},"1288":{"id":6642,"characteristicId":1288,"templateId":79,"value":"Virtual or hardware appliance"},"1290":{"id":6643,"characteristicId":1290,"templateId":79,"value":"Works best with Cisco environment"},"1292":{"id":6644,"characteristicId":1292,"templateId":79,"value":"Recommends appliances for remote locations"},"1294":{"id":6645,"characteristicId":1294,"templateId":79,"value":"Available only with 802.1X"},"1296":{"id":6646,"characteristicId":1296,"templateId":79,"value":"Offers scalable context"},"1298":{"id":6647,"characteristicId":1298,"templateId":79,"value":"More effective with 802.1X"},"1300":{"id":6648,"characteristicId":1300,"templateId":79,"value":"Requires an agent for posture assessment"},"1302":{"id":6649,"characteristicId":1302,"templateId":79,"value":"Requires 802.1X to authenticate devices"},"1304":{"id":6650,"characteristicId":1304,"templateId":79,"value":"Network firmware upgrades, complex configuration, RADIUS"},"1306":{"id":6651,"characteristicId":1306,"templateId":79,"value":"802.1X limits scalability of deployments"},"1308":{"id":6652,"characteristicId":1308,"templateId":79,"value":"Requires on site configuration and challenges branch availability"},"1310":{"id":6653,"characteristicId":1310,"templateId":79,"value":"Wireless via 802.1X"},"1312":{"id":6654,"characteristicId":1312,"templateId":79,"value":"Visibility enhanced with 802.1X compatible devices"},"1314":{"id":6655,"characteristicId":1314,"templateId":79,"value":"Requires agent"},"1316":{"id":6656,"characteristicId":1316,"templateId":79,"value":"Basic profiling of IoT devices"},"1318":{"id":6657,"characteristicId":1318,"templateId":79,"value":"No capability for full network view"},"1320":{"id":6658,"characteristicId":1320,"templateId":79,"value":"Lack of context, requires manual intervention"},"1322":{"id":6659,"characteristicId":1322,"templateId":79,"value":"Full capabilities for guest access"},"1324":{"id":6660,"characteristicId":1324,"templateId":79,"value":"BYOD control and visibility with captive portal"}}}},{"id":1196,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/ForeScout.png","logo":true,"scheme":false,"title":"ForeScout CounterACT","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"alias":"forescout-counteract","companyTypes":[],"description":"\r\n<p>CounterACT agentless technology discovers, classifies and assesses devices. CounterACT interrogates the network infrastructure to discover devices as they connect to the network. Our customers have reported seeing up to 60% more devices on their network than previously known. After discovering a device, CounterACT uses a combination of passive and active methods to classify the device according to its type and ownership. Based on its classification, CounterACT then assesses the device security posture and allows organizations to set policies that establish the specific behavior the device is allowed to have while connected to a network.</p>\r\n<p>At ForeScout, we don&rsquo;t believe in artificial barriers that limit your options and force vendor lock-in. CounterACT works with leading network infrastructure, third-party security and IT management solutions. It also offers flexible deployment and configuration options to match your company&rsquo;s specific needs. Choose physical or virtual deployments or both, and centrally manage them with CounterACT Enterprise Manager.</p>\r\n<p><span style=\"font-weight: bold;\">Several features set CounterACT apart:</span></p>\r\n<p>&nbsp;</p>\r\n<ul>\r\n<li>Agentless: No endpoint agents are required for authentication and network access control, allowing CounterACT to see and control managed, unmanaged and IoT devices.</li>\r\n<li>Open interoperability: CounterACT works with popular switches, routers, VPNs, firewalls, endpoint operating systems (Windows&reg;, Linux, iOS&reg;, OS X and Android), patch management systems, antivirus systems, directories and ticketing systems&mdash;without infrastructure changes or upgrades.</li>\r\n<li>Security orchestration: Optional modules orchestrate information sharing and policy-based security enforcement between CounterACT and leading IT and security management products.</li>\r\n<li>802.1X authentication, or not: Choose 802.1X or other authentication technologies such as LDAP, Active Directory, RADIUS, Oracle and Sun. Hybrid mode lets you use multiple technologies concurrently.</li>\r\n</ul>\r\n","shortDescription":"ForeScout CounterACT is a security solution that dynamically identifies and evaluates physical and virtual network infrastructure, devices and applications the instant they connect to your network.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":16,"sellingCount":17,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"ForeScout CounterACT","keywords":"CounterACT, network, device, devices, security, management, with, authentication","description":"\r\n<p>CounterACT agentless technology discovers, classifies and assesses devices. CounterACT interrogates the network infrastructure to discover devices as they connect to the network. Our customers have reported seeing up to 60% more devices on their network t","og:title":"ForeScout CounterACT","og:description":"\r\n<p>CounterACT agentless technology discovers, classifies and assesses devices. CounterACT interrogates the network infrastructure to discover devices as they connect to the network. Our customers have reported seeing up to 60% more devices on their network t","og:image":"https://old.roi4cio.com/fileadmin/user_upload/ForeScout.png"},"eventUrl":"","translationId":1197,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":205,"title":"NAC - Network Access Control","alias":"nac-network-access-control","description":"<span style=\"font-weight: bold; \">Network Access Control (NAC)</span> is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement. NAC solutions have become an extremely valuable tool in recent years, as mobile devices and the Internet of Things (IoT) have surged to prominence in various industries across the world. These new pieces of emerging technology come with their own set of vulnerabilities, which poses a challenge to IT security experts. \r\nNAC systems are put into place to make sure that anyone who enters the system, both in terms of users and devices, is authorized. After being routed the efforts at connection, the network access control system confirms privileges using an identity and access management (IAM, a program that checks users for appropriate permissions to access data materials, as indicated by internal policies). With the information from the IAM, along with a pre-established list of rules, the NAC software is able to smartly accept or deny access requests.\r\nFortunately, NAC products are designed to handle large enterprise networks that have a range of device types trying to connect at all times. Without a NAC in place, companies take on a huge amount of risk by adopting a bring-your-own-device (BYOD) policy, which allows employees and vendors to use their own smartphones and tablets on the local network. Network access control software and hardware require an upfront investment but prove their worth in the long run.","materialsDescription":"<h1 class=\"align-center\">&nbsp;How a NAC solution works?</h1>\r\nWhen you adopt a network access control solution, the first thing it will do is find all devices currently accessing the system; identify what kind of device they are; and determine whether to validate them and how to treat them using preestablished protocols designed by the company’s security personnel. A network access control system has rules related to a wide spectrum of devices, along with finely grained settings to help you determine permissions. A unified administrative system houses these rules and applies them as needed.\r\nMany companies will utilize NAC as their staff grows and they have an increasing number of devices to manage. These solutions are also helpful for achieving data protection across a variety of different branch locations. The difficulty of securing an organization and managing access has become especially overwhelming in an era when widespread incorporation of IOT devices is becoming more common throughout business; NAC is the fix. The general issue with bring your own device (BYOD), though, is what drew many businesses to this service.\r\n<h1 class=\"align-center\">How to Choose a Network Access Control Solution</h1>\r\nTo help narrow down your search for NAC products, you should first focus on tools that offer native integration with your enterprise’s existing software. You don’t want to have to change your infrastructure or network design in order to bring the NAC solution online. If you are heavily dependent on a cloud architecture, then look for solutions that are fully supported by your hosting provider.\r\nNext, think about what kind of proactive tools come included with the NAC suite. Some vendors offer all-in-one packages that feature a full virus scanning utility and firewall mechanism alongside everything else in the NAC. If your IT security strategy is not very mature, this kind of suite may be very helpful.\r\nOf course, one key factor when looking at NAC options is the price point. Some vendors will sell their products at a flat rate, while others are quickly going the route of Software as a Service (SaaS) subscription, an increasingly-popular business model that requires a monthly payment and ongoing contract. Think about the state of your IT budget while remembering that the upfront investment could save you lots of money down the road."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"79":{"1286":{"id":6621,"characteristicId":1286,"templateId":79,"value":"Complex, requires advanced integrations and deployment skills"},"1288":{"id":6622,"characteristicId":1288,"templateId":79,"value":"Virtual or hardware appliance"},"1290":{"id":6623,"characteristicId":1290,"templateId":79,"value":"Integrates with all network infrastructure"},"1292":{"id":6624,"characteristicId":1292,"templateId":79,"value":"Recommends appliances for remote locations"},"1294":{"id":6625,"characteristicId":1294,"templateId":79,"value":"Limited support for VLAN"},"1296":{"id":6626,"characteristicId":1296,"templateId":79,"value":"Integrates with other services"},"1298":{"id":6627,"characteristicId":1298,"templateId":79,"value":"Define policies based on organizational roles"},"1300":{"id":6628,"characteristicId":1300,"templateId":79,"value":"Requires a dissolvable agent for full functionality"},"1302":{"id":6629,"characteristicId":1302,"templateId":79,"value":"Does not require 802.1X to authenticate devices"},"1304":{"id":6630,"characteristicId":1304,"templateId":79,"value":"Many features rely on the configuration/set up of port mirror/span port"},"1306":{"id":6631,"characteristicId":1306,"templateId":79,"value":"Requires additional appliances and upgrades"},"1308":{"id":6632,"characteristicId":1308,"templateId":79,"value":"Recommends on-site appliances for full feature set, limitations for sizing"},"1310":{"id":6633,"characteristicId":1310,"templateId":79,"value":"Partial integration with on-premise wireless controllers"},"1312":{"id":6634,"characteristicId":1312,"templateId":79,"value":"Visibility into all network devices only with port mirroring enabled"},"1314":{"id":6635,"characteristicId":1314,"templateId":79,"value":"Enhanced visibility into business level applications"},"1316":{"id":6636,"characteristicId":1316,"templateId":79,"value":"Discovery and control capabilities"},"1318":{"id":6637,"characteristicId":1318,"templateId":79,"value":"Limited capability for full network infrastructure view"},"1320":{"id":6638,"characteristicId":1320,"templateId":79,"value":"Built-in integration with various security vendors"},"1322":{"id":6639,"characteristicId":1322,"templateId":79,"value":"Full capabilities for guest access"},"1324":{"id":6640,"characteristicId":1324,"templateId":79,"value":"BYOD control and visibility with captive portal"}}}},{"id":351,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/portnox.png","logo":true,"schemeURL":"https://old.roi4cio.com/fileadmin/user_upload/portnoxcore.JPG","scheme":true,"title":"Portnox CORE","vendorVerified":0,"rating":"1.00","implementationsCount":1,"suppliersCount":0,"alias":"portnox-core","companyTypes":[],"description":"<ul><li>&nbsp;See relevant security risks on the network.</li> <li>Control access to ensure compliance with security protocols.</li> <li>Automate reactions based on device and user behavior to prevent breaches.</li> </ul>\r\n<span style=\"font-weight: bold;\">See</span> Utilizing its agentless technology, Portnox CORE can detect and profile any device on the corporate network in real time and across all network layers. It is deployed from a central location and but can see activity across all network locations – from headquarters to remote offices. It integrates with most third party security applications to provide a complete and thorough picture of the network.\r\n<span style=\"font-weight: bold;\">Control</span> Portnox CORE mitigates cybersecurity risks with automated features to limit access, quarantine and block rogue devices or install patch updates. It remediates immediate security issues by allowing for complete control and wield over all network variables – from a smartwatch to a network server. CORE gives network admins the control they need to prevent risks and effectively respond to the ones that get through.\r\n<span style=\"font-weight: bold;\">Automate</span> Some say that the future of IT is automation. With Portnox CORE – you can have those cutting-edge features today. Deliver unique automated reactions based on network security protocols or risky device behavior, dramatically reducing the time and cost associated with manual response. Whether the reaction is enforcement or remediation, Portnox CORE can automate it and learn from the event context to maximize future protection.","shortDescription":"Portnox CORE is a solution for on-premise network access control, visibility and enforcement in real-time on all devices.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":9,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Portnox CORE","keywords":"Portnox, devices, such, accuracy, only, network, user, right","description":"<ul><li>&nbsp;See relevant security risks on the network.</li> <li>Control access to ensure compliance with security protocols.</li> <li>Automate reactions based on device and user behavior to prevent breaches.</li> </ul>\r\n<span style=\"font-weight: bold;\">See<","og:title":"Portnox CORE","og:description":"<ul><li>&nbsp;See relevant security risks on the network.</li> <li>Control access to ensure compliance with security protocols.</li> <li>Automate reactions based on device and user behavior to prevent breaches.</li> </ul>\r\n<span style=\"font-weight: bold;\">See<","og:image":"https://old.roi4cio.com/fileadmin/user_upload/portnox.png"},"eventUrl":"","translationId":352,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":205,"title":"NAC - Network Access Control","alias":"nac-network-access-control","description":"<span style=\"font-weight: bold; \">Network Access Control (NAC)</span> is an approach to computer security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement. NAC solutions have become an extremely valuable tool in recent years, as mobile devices and the Internet of Things (IoT) have surged to prominence in various industries across the world. These new pieces of emerging technology come with their own set of vulnerabilities, which poses a challenge to IT security experts. \r\nNAC systems are put into place to make sure that anyone who enters the system, both in terms of users and devices, is authorized. After being routed the efforts at connection, the network access control system confirms privileges using an identity and access management (IAM, a program that checks users for appropriate permissions to access data materials, as indicated by internal policies). With the information from the IAM, along with a pre-established list of rules, the NAC software is able to smartly accept or deny access requests.\r\nFortunately, NAC products are designed to handle large enterprise networks that have a range of device types trying to connect at all times. Without a NAC in place, companies take on a huge amount of risk by adopting a bring-your-own-device (BYOD) policy, which allows employees and vendors to use their own smartphones and tablets on the local network. Network access control software and hardware require an upfront investment but prove their worth in the long run.","materialsDescription":"<h1 class=\"align-center\">&nbsp;How a NAC solution works?</h1>\r\nWhen you adopt a network access control solution, the first thing it will do is find all devices currently accessing the system; identify what kind of device they are; and determine whether to validate them and how to treat them using preestablished protocols designed by the company’s security personnel. A network access control system has rules related to a wide spectrum of devices, along with finely grained settings to help you determine permissions. A unified administrative system houses these rules and applies them as needed.\r\nMany companies will utilize NAC as their staff grows and they have an increasing number of devices to manage. These solutions are also helpful for achieving data protection across a variety of different branch locations. The difficulty of securing an organization and managing access has become especially overwhelming in an era when widespread incorporation of IOT devices is becoming more common throughout business; NAC is the fix. The general issue with bring your own device (BYOD), though, is what drew many businesses to this service.\r\n<h1 class=\"align-center\">How to Choose a Network Access Control Solution</h1>\r\nTo help narrow down your search for NAC products, you should first focus on tools that offer native integration with your enterprise’s existing software. You don’t want to have to change your infrastructure or network design in order to bring the NAC solution online. If you are heavily dependent on a cloud architecture, then look for solutions that are fully supported by your hosting provider.\r\nNext, think about what kind of proactive tools come included with the NAC suite. Some vendors offer all-in-one packages that feature a full virus scanning utility and firewall mechanism alongside everything else in the NAC. If your IT security strategy is not very mature, this kind of suite may be very helpful.\r\nOf course, one key factor when looking at NAC options is the price point. Some vendors will sell their products at a flat rate, while others are quickly going the route of Software as a Service (SaaS) subscription, an increasingly-popular business model that requires a monthly payment and ongoing contract. Think about the state of your IT budget while remembering that the upfront investment could save you lots of money down the road."},{"id":834,"title":"IoT - Internet of Things Security","alias":"iot-internet-of-things-security","description":" IoT security is the technology area concerned with safeguarding connected devices and networks in the internet of things (IoT).\r\nIoT involves adding internet connectivity to a system of interrelated computing devices, mechanical and digital machines, objects, animals and/or people. Each &quot;thing&quot; is provided a unique identifier and the ability to automatically transfer data over a network. Allowing devices to connect to the internet opens them up to a number of serious vulnerabilities if they are not properly protected.\r\nIoT security has become the subject of scrutiny after a number of high-profile incidents where a common IoT device was used to infiltrate and attack the larger network. Implementing security measures is critical to ensuring the safety of networks with IoT devices connected to them.\r\nIoT security hacks can happen in any industry, from smart home to a manufacturing plant to a connected car. The severity of impact depends greatly on the individual system, the data collected and/or the information it contains.\r\nAn attack disabling the brakes of a connected car, for example, or on a connected health device, such as an insulin pump hacked to administer too much medication to a patient, can be life-threatening. Likewise, an attack on a refrigeration system housing medicine that is monitored by an IoT system can ruin the viability of a medicine if temperatures fluctuate. Similarly, an attack on critical infrastructure -- an oil well, energy grid or water supply -- can be disastrous.\r\nSo, a robust IoT security portfolio must allow protecting devices from all types of vulnerabilities while deploying the security level that best matches application needs. Cryptography technologies are used to combat communication attacks. Security services are offered for protecting against lifecycle attacks. Isolation measures can be implemented to fend off software attacks. And, finally, IoT security should include tamper mitigation and side-channel attack mitigation technologies for fighting physical attacks of the chip.","materialsDescription":" <span style=\"font-weight: bold;\">What are the key requirements of IoT Security?</span>\r\nThe key requirements for any IoT security solution are:\r\n<ul><li>Device and data security, including authentication of devices and confidentiality and integrity of data</li><li>Implementing and running security operations at IoT scale</li><li>Meeting compliance requirements and requests</li><li>Meeting performance requirements as per the use case</li></ul>\r\n<span style=\"font-weight: bold;\">What do connected devices require to participate in the IoT Securely?</span>\r\nTo securely participate in the IoT, each connected device needs a unique identification – even before it has an IP address. This digital credential establishes the root of trust for the device’s entire lifecycle, from initial design to deployment to retirement.\r\n<span style=\"font-weight: bold;\">Why is device authentication necessary for the IoT?</span>\r\nStrong IoT device authentication is required to ensure connected devices on the IoT can be trusted to be what they purport to be. Consequently, each IoT device needs a unique identity that can be authenticated when the device attempts to connect to a gateway or central server. With this unique ID in place, IT system administrators can track each device throughout its lifecycle, communicate securely with it, and prevent it from executing harmful processes. If a device exhibits unexpected behavior, administrators can simply revoke its privileges.\r\n<span style=\"font-weight: bold;\">Why is secure manufacturing necessary for IoT devices?</span>\r\nIoT devices produced through unsecured manufacturing processes provide criminals opportunities to change production runs to introduce unauthorized code or produce additional units that are subsequently sold on the black market.\r\nOne way to secure manufacturing processes is to use hardware security modules (HSMs) and supporting security software to inject cryptographic keys and digital certificates and to control the number of units built and the code incorporated into each.\r\n<span style=\"font-weight: bold;\">Why is code signing necessary for IoT devices?</span>\r\nTo protect businesses, brands, partners, and users from software that has been infected by malware, software developers have adopted code signing. In the IoT, code signing in the software release process ensures the integrity of IoT device software and firmware updates and defends against the risks associated with code tampering or code that deviates from organizational policies.\r\nIn public key cryptography, code signing is a specific use of certificate-based digital signatures that enables an organization to verify the identity of the software publisher and certify the software has not been changed since it was published.\r\n<span style=\"font-weight: bold;\">What is IoT PKI?</span>\r\nToday there are more things (devices) online than there are people on the planet! Devices are the number one users of the Internet and need digital identities for secure operation. As enterprises seek to transform their business models to stay competitive, rapid adoption of IoT technologies is creating increasing demand for Public Key Infrastructures (PKIs) to provide digital certificates for the growing number of devices and the software and firmware they run.\r\nSafe IoT deployments require not only trusting the devices to be authentic and to be who they say they are, but also trusting that the data they collect is real and not altered. If one cannot trust the IoT devices and the data, there is no point in collecting, running analytics, and executing decisions based on the information collected.\r\nSecure adoption of IoT requires:\r\n<ul><li>Enabling mutual authentication between connected devices and applications</li><li>Maintaining the integrity and confidentiality of the data collected by devices</li><li>Ensuring the legitimacy and integrity of the software downloaded to devices</li><li>Preserving the privacy of sensitive data in light of stricter security regulations</li></ul>"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"79":{"1286":{"id":6601,"characteristicId":1286,"templateId":79,"value":"Deployment driven, modular software, intuitive, flexible"},"1288":{"id":6602,"characteristicId":1288,"templateId":79,"value":"Software-only"},"1290":{"id":6603,"characteristicId":1290,"templateId":79,"value":"Integrates with all network infrastructure"},"1292":{"id":6604,"characteristicId":1292,"templateId":79,"value":"Deployed from one location, no need for remote appliances"},"1294":{"id":6605,"characteristicId":1294,"templateId":79,"value":"Native implementation of VLAN segmentation"},"1296":{"id":6606,"characteristicId":1296,"templateId":79,"value":"Shares context both inbound and outbound"},"1298":{"id":6607,"characteristicId":1298,"templateId":79,"value":"Define policies based on organizational roles"},"1300":{"id":6608,"characteristicId":1300,"templateId":79,"value":"Support for over 25 different authentication methods that do not require an agent"},"1302":{"id":6609,"characteristicId":1302,"templateId":79,"value":"Does not require 802.1X to authenticate devices"},"1304":{"id":6610,"characteristicId":1304,"templateId":79,"value":"No requirements for mirror or span ports"},"1306":{"id":6611,"characteristicId":1306,"templateId":79,"value":"Lightweight infrastructure enables easily scalable deployments across geolocations"},"1308":{"id":6612,"characteristicId":1308,"templateId":79,"value":"Seamless coverage of remote branches"},"1310":{"id":6613,"characteristicId":1310,"templateId":79,"value":"Optional 802.1X wireless"},"1312":{"id":6614,"characteristicId":1312,"templateId":79,"value":"100% streamlined device visibility (NAS and device view)"},"1314":{"id":6615,"characteristicId":1314,"templateId":79,"value":"Seamless application data collection"},"1316":{"id":6616,"characteristicId":1316,"templateId":79,"value":"Two-fold device detection and analysis"},"1318":{"id":6617,"characteristicId":1318,"templateId":79,"value":"Simple to operate, understand issues and see them immediately"},"1320":{"id":6618,"characteristicId":1320,"templateId":79,"value":"Open-platform, native API integration, intuitive data flows"},"1322":{"id":6619,"characteristicId":1322,"templateId":79,"value":"Limited native capabilities"},"1324":{"id":6620,"characteristicId":1324,"templateId":79,"value":"Limited native capabilities for BYOD control"}}}}],"selectedTemplateId":79},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}