|
Complete
Network Protection
Distributed EdgeWalls, working with one or more centralized
Control Servers, provides network access management
across wired and wireless networks.
Dynamic
and Granular Network Access
The Control Server offers a simple to use administrative
interface to create and modify security, access, connection
and user policies for network access management. These
policies are dynamically applied based on an array of
parameters including user identity, user location, threat
levels, patch levels and vulnerability levels. As parameters
change in real-time, the access policies may also change
in real-time. The Control Server integrates with, and
enhances, existing enterprise authentication systems.
Its unique granular access control secures an individual
user, not a network-defined entity (e.g. IP address,
subnet, VLAN, etc.). This enables the fine-grain monitoring,
quarantining and blocking of suspicious or untrusted
users.
Comprehensive
Network Access Management
EdgeWall provides comprehensive network access management
by screening all devices and users as they access the
network. EdgeWall scans for device vulnerabilities and
policy compliance, and checks user authentication and
authorization. Only if a device is deemed “compliant”
and the user is authenticated, will the EdgeWall allow
access to the network. If a device or user does not
pass screening, EdgeWall can place that device in a
quarantined group to be given limited access, or required
to patch before full access is given.
Restrict
Access to Unauthorized Resources
EdgeWalls are high-performance appliances that enforce
access policies received from Control Servers. In addition
to blocking all client traffic until they are authenticated,
EdgeWalls inspect all data packets. Based on the established
security, identity, and connection policies for a given
user, the EdgeWall can admit, block, redirect or discard
client data traffic.
Network-wide
Policy Enforcement
The EdgeWall detects worms and viruses in real-time,
and prevents their propagation to other devices on the
network. It also blocks Denial of Service (DoS) traffic,
while allowing valid traffic from authenticated users
to flow normally. Additionally, the EdgeWall provides
tools to identify infected devices, quarantine those
contaminated devices, patch and cleanup dirty devices,
as well as re-admit the devices to the network.
Deep
Packet Filtering and Inspection
Employing a powerful packet inspection engine, EdgeWalls
can look deep inside packets to determine the presence
of worms or viruses contents. EdgeWalls can also rewrite,
redirect or discard client data traffic. For example,
suspect packets can be redirected to a quarantine area
for further scrutiny while still allowing legitimate
traffic to flow normally. This intelligent packet inspection
ensures only the traffic designated by that user’s
access privileges actually flow through the network.
Real-time
Remediation
EdgeWalls can sense and prevent network intrusions before
they start. Knowledge of the packet contents, coupled
with other “interesting” information such
as traffic originating from a suspect source, can be
redirected to a quarantine area. Once quarantined, the
security administrator can assess the true threat of
the suspect device. If necessary the device can be patched
or updated to assure that it is clean from worms and
viruses. This can prevent malicious attacks from propagating
their payloads across the network.
Four
High Performance Models for All Organizations
Vernier’s EdgeWall Network Access Management Appliance
comes in 4 models to suit a wide variety of needs.
|
