AGENTLESS VISIBILITY AND ENFORCEMENT
Easy NAC lets you see and control devices that join your network, without using agents. Immediately detect untrusted devices and restrict them from your network. Profile endpoints passively and actively, to determine operating system, manufacturer, and type of device.
For enforcement, Easy NAC uses ARP to restrict access to the network. ARP enforcement doesn’t require network changes and works with any network equipment, including unmanaged and managed switches.
SATELLITE LOCATIONS AND REMOTE OFFICES
Easy NAC is idea for distributed organizations with many remote locations. Easy NAC handles hundreds of remote sites as easily as one. Its advanced technology easily and affordably scales to handle any number of remote sites.
Supports NAT and overlapped subnet ranges
Is as compatible with consumer firewalls, routers and unmanaged switches as enterprise networks
No network changes or endpoint changes
AUTOMATED MAC ADDRESS WHITELISTING
Keeping track of which MAC addressees are allowed on your network and which are not can be a never ending job. Easy NAC takes the pain out of MAC address filtering by automating the process on both the LAN and WLAN. Easy NAC will regularly check with your Active Directory server to verify which devices are domain-joined. Devices that are confirmed as domain-joined will automatically be granted full access to the network. Devices that are not domain joined will automatically be restricted. Restricted devices can manually be flagged as approved. In addition, device profiling can also be used to automate the process of flagging approved devices.
Easy NAC provides a fingerprint feature to protect against MAC address spoofing. All devices on the network are profiled for their MAC address, IP, Operating System, and Hostname. This information can then be used to set a unique fingerprint for each device. Once a fingerprint has been set, the device(s) will be protected from spoofing.
FIREWALL / ADVANCED PERSISTENT THREAT INTEGRATION
Security appliances that are designed to monitor devices and network traffic can send event-based alerts for administrative action. CGX Access can receive event-based syslog messages from all types for security devices and take immediate action when necessary. If CGX Access receives an alert that a device has malware, we can restrict it immediately.
ENFORCE ANTI-VIRUS AND SECURITY POLICIES
With the ever increasing threats of zero day attacks, Advanced Persistent Threats, and ransomware it is more important than ever to verify endpoint security solutions are install, active and up-to-date. Easy NAC integrates with enterprise Anti-Virus vendors and leading patch management solutions, to verify endpoint security is active and up-to-date. By integrating with leading security solutions, Easy NAC can enforce compliance with security policies, without the use of agents. Devices out-of-compliance can be restricted at the point of network access.
Keeping track of which Bring Your Own Device belongs to who is a difficult task. Controlling which devices can connect when and where is even more difficult. Easy NAC makes the process of enrolling and controlling BYOD devices simple. Easy NAC provides employees with a self-registration captive portal to register their device with their AD credentials. Administrators can set policies to enforce and control BYOD. Simple policies can be set to limit the user(s), device quantities, device types, allowed network locations, allowed network resources, and more.
GUEST AND CONSULTANT REGISTRATION
Easy NAC provides multiple methods for organizations to automate the enrollment of their guests and consultants. These options range from self-registration to sponsor approved registrations to help organizations balance the need for security with guest convenience. Regardless of which method(s) is used the company remains in control of when, where, and how long the guest can connect to the network. Role-based access policies can be set to limit guests to the internet and consultants to specific servers or network segments.