Applied Energy Products NACpoint User Manual

AEP NACpoint™

Managed end users

Guest access

Partner access

•

•

•

Conference rooms

Mobile users

Shared workspaces

•

•

•

Provide isolated guest access while keeping the corporate network safe

Protect network resources against unmanaged devices infected by other less-secure networks

Guide end users through self-remediation before vulnerabilities spread

Deploy highly granular access policies - with customizable templates - for quick and automatic enforcement

Get up and running seamlessly - does not alter existing network configurations or equipment

Integrate with all leading vendor infrastructure

AEP NACpoint provides a comprehensive data reporting system designed to give insight into:

End user and device vulnerabilities: OS patches, security product version, malware

Rogue devices connecting to the network

Compliance auditing for policy infractions, authentication and user systems access

•

•

•

•

•

•

•

•

•

AEP Networks offers two platforms (AEP NACpoint and AEP NACpoint Small Office) that deliver a cost-effective NAC solution regardless of your

organization’s size. The AEP NACpoint Small Office platform is ideal as an entry level solution or for small businesses, branch/remote offices,

or multiple retail locations.

NACpoint is part of a comprehensive AEP Policy Networking security product suite

AEP NACpoint

Identity-based Network Admission Control Point

AEP NACpoint is a policy-centric Network Admission Control (NAC) appliance designed to secure LAN and wireless-based networks. NACpoint

provides endpoint vulnerability assessment, user authentication, device quarantine and remediation for your entire network including:

Features

Benefits

Granular Policy Engine

Powerful, highly customizable enforcement based on device health,

authentication, location, time of day, Intrusion Prevention System (IPS)

output, Operating System, agent presence, or registry configuration

•

Agentless or Optional Native Agent for vulnerability scans

Fast pre- and post-connect assessment of AntiVirus, Firewall, OS, Anti-spyware,

registry and OS patch levels without ANY additional host software

•

Multiple Automatic Quarantine Zones

Isolates infected users for remediation, controlling potential outbreaks from

spreading

•

Identity-based network segmentation

Separates resources based on user authentication for policy conformance and

control

•

Automatic Vulnerability Updates (via AEP NOCsets)

Daily updates of vulnerability knowledge ensures administrators are always

checking against the latest known threats

•

Out-of-band operation

Simplified deployment with minimum network interruption. Operates out of

the packet path to maximize security without throughput bottlenecks

•

Network Flexibility

Integrates with virtually any Layer 2 or Layer 3 managed switch or WAP to

isolate offending ports. 802.1x network configurations are supported but not

required for full operation

•

Detailed, Integrated Reporting Engine with Learning Mode

Demonstrates immediate value by discovering and auditing any device on the

network. Comprehensive executive and detailed reports identify vulnerable

users and remediation history. Customizable e-mail alerting on virtually any

policy condition or event for integration into automated IT systems

•

NACpoint allows you to: