AEP Networks NACpoint Specification Sheet

AEP NACpoint
Identity-based Network Admission Control Point
AEP NACpoint is a policy-centric Network Admission Control (NAC) appliance designed to secure LAN and wireless-based networks. NACpoint
provides endpoint vulnerability assessment, user authentication, device quarantine and remediation for your entire network including:
• Managed end users
• Guest access
• Partner access
NACpoint allows you to:
• Provide isolated guest access while keeping the corporate network safe
• Protect network resources against unmanaged devices infected by other less-secure networks
• Guide end users through self-remediation before vulnerabilities spread
• Deploy highly granular access policies - with customizable templates - for quick and automatic enforcement
• Get up and running seamlessly - does not alter existing network configurations or equipment
• Integrate with all leading vendor infrastructure
AEP NACpoint provides a comprehensive data reporting system designed to give insight into:
• End user and device vulnerabilities: OS patches, security product version, malware
• Rogue devices connecting to the network
• Compliance auditing for policy infractions, authentication and user systems access
AEP Networks offers two platforms (AEP NACpoint and AEP NACpoint Small Office) that deliver a cost-effective NAC solution regardless of your
organization's size. The AEP NACpoint Small Office platform is ideal as an entry level solution or for small businesses, branch/remote offices,
or multiple retail locations.
NACpoint is part of a comprehensive AEP Policy Networking security product suite
Features
Granular Policy Engine
Agentless or Optional Native Agent for vulnerability scans
Multiple Automatic Quarantine Zones
Identity-based network segmentation
Automatic Vulnerability Updates (via AEP NOCsets)
Out-of-band operation
Network Flexibility
Detailed, Integrated Reporting Engine with Learning Mode
• Conference rooms
• Mobile users
• Shared workspaces
Benefits
• Powerful, highly customizable enforcement based on device health,
authentication, location, time of day, Intrusion Prevention System (IPS)
output, Operating System, agent presence, or registry configuration
• Fast pre- and post-connect assessment of AntiVirus, Firewall, OS, Anti-spyware,
registry and OS patch levels without ANY additional host software
• Isolates infected users for remediation, controlling potential outbreaks from
spreading
• Separates resources based on user authentication for policy conformance and
control
• Daily updates of vulnerability knowledge ensures administrators are always
checking against the latest known threats
• Simplified deployment with minimum network interruption. Operates out of
the packet path to maximize security without throughput bottlenecks
• Integrates with virtually any Layer 2 or Layer 3 managed switch or WAP to
isolate offending ports. 802.1x network configurations are supported but not
required for full operation
• Demonstrates immediate value by discovering and auditing any device on the
network. Comprehensive executive and detailed reports identify vulnerable
users and remediation history. Customizable e-mail alerting on virtually any
policy condition or event for integration into automated IT systems
AEP NACpoint™