Black Box - LVN5000E, Veri-NAC Enterprise

Butikk startside > Nettverk > Nettverksenheter > Sikkerhet > Veri-NAC Enterprise

Produkt kan variere for aktuelt produkt		Veri-NAC Enterprise Robust network security for enterprise networks up to 100.000 nodes. One-box network access control (NAC). Agent less and non-inline design provides rock-solid security in an easy-to-deploy appliance. Works with existing switches, no infrastructure upgrade needed. Supports both wired and wireless devices. Protects your network from dangers that firewalls can’t defend against, including hacks through printers, VoIP phones, wireless access points, bar-code scanners, smartphones, and more. Detects malware on an infected device and reassigns that device to a quarantine VLAN until the problem is resolved. Provides black holing and VLAN quarantining when used with selected smart switch networks. Control who can connect to your network. Unknown laptops and unauthorized wireless access points are no longer a problem.
		Share \|

	Produkt				Kode		Enhetspris		Antall

network up to 500 nodes

Veri-NAC Enterprise

LVN5250A-R2

På forespørsel

network up to 6.000 nodes

Veri-NAC Enterprise

LVN5400A-R2

På forespørsel

network up to 50.000 nodes

Veri-NAC Enterprise

LVN5600A-R2

På forespørsel

network up to 100.000 nodes

Veri-NAC Enterprise

LVN5800A-R2

På forespørsel

* All include an endpoint vulnerability auditing engine.

Legg til i handlekurv

Mer informasjon

Tekniske data

Part of the Veri-NAC family
These Veri-NAC™ products are part of the Veri-NAC family of one-box NAC solutions. The Veri-NAC family consists of Network Access Control solutions ranging in size from small office networks up to large enterprise solutions.
Veri-NAC™ 5250 provides state-of-the-art network access control for networks up to 500 nodes on 2 subnets and the Veri-NAC™ 5400 up to 6000 nodes on 4 subnets. For up to 50,000 nodes on 6 subnets use the Veri-NAC™ 5600. For even larger network with up to 100.000 nodes on 8 subnets, Veri-NAC™ 5800 is the right solution.

Designed for simplicity
NAC solutions have been around for a while but have been slow to catch on because they’ve been expensive, time-consuming, and often require extensive equipment upgrades. In short, they were just too complicated to be worthwhile for most organizations.
Veri-NAC, on the other hand, is designed to provide maximum security in a simple, agent less design that’s also very affordable. There’s no need for extensive training or dedicated personnel, no need to install software agents, and no need to upgrade switches—Veri-NAC is easy to integrate into your network.

Only the trusted
Veri-NAC only lets computers and devices onto your network if they comply with standards that you specify.
All network devices have a unique, factory-installed MAC address. Veri-NAC assembles a profile of each device, including the MAC address as well as other information, and only lets known, trusted devices on the network. It can even detect and stop a machine trying to get in under a spoofed MAC address.
If Veri-NAC detects an untrusted asset, it will automatically send administration an alert to investigate and correct the problem.
Veri-NAC enterprise models also include an endpoint vulnerability auditing engine featuring the common vulnerability and exposures (CVE) database, which checks to make sure each connected device complies with your standards, including up-to-date operating system patches. This auditing function works for all connected devices, not just PCs.

Protects continuously
Veri-NAC continuously scans your network, looking for unauthorized devices attempting to obtain an IP address. In addition, you can schedule Veri-NAC to scan attached devices to search for security vulnerabilities.

Detection and blocking feature
Quarantine or block malware-infested PCs—even zero-day malware that would otherwise go unchecked by standard virus-protection software. Then use the Data Rescue Engine (available separately) to retrieve important files safely without spreading the infection.

No agents
Unlike most other NAC systems, Veri-NAC doesn’t require that you install software agents on connected machines. This both simplifies installation and improves security because agents are vulnerable to hacking. Agent less design means that Veri-NAC also works with devices such as printers, smart phones, and wireless access points that can’t have agents installed on them.

Cost effective
Not only is the up-front cost for Veri-NAC often lower than other solutions, installation and ongoing maintenance are lower, too.
Veri-NAC works with your existing network and legacy infrastructure, so there’s no need for expensive upgrades. Plus, Veri-NAC requires no formal training and only minimal installation time, so even organizations with a limited IT staff can easily add it to their network security plan without straining resources.

Flexible
Veri-NAC offers a great deal of flexibility in how it responds to perceived threats. For instance, if Veri-NAC detects a device with an unknown MAC address, it can lock that device out entirely or limit it to only a guest VLAN that you set up. If it detects a computer with outdated virus software, it can lock it out, direct the user to a server with updated virus software, or admit the user to the network while sending a message to your IT staff to update the software.

Guests
Unknown users and devices—guests, for instance—can either be allowed on the network but flagged as an untrusted asset, or blocked entirely. If you have visitors who want to use their own laptops or smartphones to access the Internet, Veri-NAC can grant them access only to the Internet via a guest VLAN while restricting them from your organization’s intranet.

VLAN quarantining
Veri-NAC works with all 802.1q enabled switches to protect VLANs. It will permit users to connect to authorized VLANs, but will deny access if they attempt to access restricted VLANs. You can also assign trusted assets to multiple VLANs. Veri-NAC 5250 protects up to 20 VLANs, Veri-NAC 5400 protects up to 40 VLANs, Veri_NAC 5600 up to 60 and Veri-NAC 5800 up to 80 VLANs.

Black holes and blocking
Veri-NAC provides additional methods for blocking untrusted assets. When used with ExtremeNetworks smart switches, Veri-NAC uses their secure API to facilitate communications. Veri-NAC can tell each switch about untrusted assets and “blackhole” it. This cuts off all traffic and the asset can't go anywhere. This also eliminates the need to Veri-NAC to keep streaming its agentless blocking. The second method, switch port blocking, works with Cisco, 3Com®, HP® and ExtremeNetworks switches. If Veri-NAC detects an untrusted asset, it physically turns off the switch port by location so it is, in essence, “dead” until the administrators turn it back on.

Fast, straightforward setup
This capable NAC system takes just minutes to install. Veri-NAC is literally a turnkey network appliance — just plug it in, turn it on, and follow the simple on-screen instructions to configure it. There’s no need to upgrade your hardware or operating systems. The simplified user interface has practically no learning curve.

Detailed reports
To help you manage trusted and untrusted assets, Veri-NAC shows all assets by IP and MAC addresses, but also by user login name so you know exactly where a threat is coming from. Veri-NAC displays network vulnerability information in colorful, easy-to-interpret graphs and charts. With one glance, you can view the status of your network and of each node within your network. Veri-NAC tracks and logs common vulnerabilities and exposures (CVEs), documenting end-user policies for regulatory compliance initiatives. In tracking vulnerabilities, Veri-NAC also assigns risk levels: low, medium, high, and serious, and issues alerts so the problems can be corrected.

Treads lightly in your network
Because Veri-NAC isn’t an in-line device, it won’t negatively affect network performance. Under normal conditions, Veri-NAC uses less than 10 kbps of bandwidth to block untrusted users and between 50 and 100 kbps while it’s auditing for vulnerabilities. This small amount of bandwidth isn’t enough to make a noticeable difference in network performance in most circumstances. In addition, when used with extreme network switches, Veri-NAC can blackhole untrusted assets using no network traffic.

Veri-NAC offers two ways to detect the bad guys.
Veri-NAC can do far more than just provide network access control. All enterprise models support daily vulnerability and malware updates over the Internet, which enable Veri-NAC to check for common vulnerabilities and exposures plus malware trying to call home.

Daily vulnerability updates (separate mandatory item: LVN5xxxA-R2-VW-1/3)
Veri-NAC uses Daily Vulnerability Updates to track and log common vulnerabilities and exposures (CVEs). It alerts you whenever an attached device has a problem that would leave it vulnerable to a hacker, so you can take steps to rectify the situation.

Daily malware updates (separate mandatory item: LVN5xxxA-R2-VW-1/3)
Veri-NAC now gives you two methods for detecting previously undetectable malware. It takes advantage of the fact that most malware tries to “call home.” In the first method, simply add a Network Tap (TS250A) near the firewall. The second method involves setting up a mirror port on your network switch. In both applications, Veri-NAC will keep watch for outgoing network traffic going to known malware repositories.