CONTACT US  SEARCH SITE  
   
 
 
Network Access Control

Continuous Network Access with DeepNines Infection Free Networking (IFN)

DeepNines offers the industry’s first continuous network access control solution that constantly monitors network use to ensure your network stays free of infection. And all of this is integrated in an easy-to-use solution that works with any existing network infrastructure without requiring host-based agents.

DeepNines’ Infection Free Networking™ (IFN) is the most complete security offering from DeepNines, providing protection from outside threats as well as network control down to the host level.IFN drastically reduces the overall cost of isolating and treating infected machines.

Three Powerful Solutions in One ArchitectureThe Infection Free Networking (IFN) architecture includes the following:

  • Edge Security Profiler (ESP): Monitors and analyzes network traffic in real-time using this information to provide detailed information about network and user activity for reporting purposes.
  • Security Edge Platform (SEP): Keeps any infected transmissions from accessing your network from the un-trusted (or Internet) side. Stops malicious attacks before they impact the network through the combination of intrusion prevention, firewall, gateway anti-virus, content filtering and intelligent traffic management technologies.
  • Edge Infection Quarantine (EIQ): Blocks any infected workstations from accessing your network or spreading threats from the trusted (or internal) side. Scans new users both upon initial network access and throughout their time on the network to ensure that they remain infection-free and policy compliant.

Access Policies

IFN offers configurable “Security Access Domains” that allow the administrator to specify the level of access hosts given to the network, on what conditions to quarantine or remove a host from the network and the remediation strategy for offending hosts. These groupings are based on recommended settings that can easily be modified based on user preferences and policies. The Security Access Domains generally defined by DeepNines are as follows:

Access Group

Typical Conditions

Recommended Policy

Unknown

  • Host has not yet been scanned
  • Host did not allow itself to be scanned
  • Blocked
  • Restricted to non-sensitive areas of the network

Vulnerable: Low

  • Host has unauthorized software on its machine
  • Host is non-compliant with corporate policy
  • Administrator notified but no action taken

Vulnerable: Medium

  • Host is running an unsupported operating system
  • Host has not updated AV software
  • Host is violating bandwidth policies
  • Administrator notified but no action taken, or
  • Host traffic is restricted/rate limited

Vulnerable: High

  • Host is susceptible to a known exploit that is determined to be critical
  • Blocked
  • Restricted to non-sensitive areas of the network

Infected

  • A virus originated from the host (e.g. through email)
  • Traffic from the host was unclean or malicious
  • Traffic from the hosted exceeded specified parameters
  • Blocked

Clean

  • A scan of the host revealed no issues
  • Network access granted


Key Differentiators

  • No host-based software or agents required
  • No changes or upgrades to network hardware required
  • Continuous inspection and monitoring of users during entire time on the network, as opposed to simply authenticating during logon.
  • Configurable “Security Access Domains” allowing the administrator to specify the level of access hosts given to the network, on what conditions to quarantine or remove a host from the network and the remediation strategy for offending hosts
  • Granular host bandwidth control to ensure that no single host is consuming too much network bandwidth
  • Comprehensive tool (ESP) for real-time network monitoring and analysis
  • Easy and cost-effective to deploy

Benefits

  • Fraction of the expense charged by other NAC providers
  • Comprehensive security policy deployed from a single management interface
  • Delivers in depth defense from the edge of the network
  • Granular policy and control from one integrated solution
  • Network-based Host-level security without agents
  • Ability to quarantine infected hosts
  • Blocks access to new users who do not meet policy compliance
  • Guides unapproved users to remediation
  • Detailed monitoring capabilities for every host on the network

Integrated ManagementDeepNines SEP is managed by the DeepNines Edge Management Console (EMC).  To find out more about the EMC, please click here.

RequirementsTo ensure maximum security, the user must either install or have the following:

  • DeepNines ESP
  • DeepNines SEP
  • DeepNines EIQ
  • A layer 3 manageable switch
  • A policy-based router

 

 

PATENT INFORMATION
Protected by US Patents 6,930,978 and 7,058,976

 

Try DeepNines with a free seven day Internet Content
Audit.

FURTHER INFO
  Datasheets
 Case Studies
 Solution Overviews
 General Information
 Request an Evaluation

CONTACT US
 Sales
 Partners
 Customer Support

WATCH THE DEMO

Education: Understand how iTrust protects your students  Watch Demo >>
Enterprise: Understand how SEP protects your network  Watch Demo >>

 
 
          ©2007 DeepNines, Inc. All rights reserved. Terms and Uses