Most of today’s networks is protected from Internet attack considered to be the greatest safety risk. In reality an overwhelming majority of attacks at corporate networks is lead from inside the corporation – from the local network. Corporate local network are expanding and it is often complicated to retroactively map all active ports; standard Ethernet hubs are added to locally increase the number of ports. At the same time more and more users access the network wirelessly both from company and private laptops and from various mobile devices as well. It is almost impossible to find out who connected from what location, to what application and what data was transferred. We do not know an exact address plan, we reserve addresses that are unused for a long time. In case of an attack we are defenseless and we cannot identify the attacker.
Network Access Control eliminates most of security risks and by enumeration of resources at the same time optimizes network operation expenses. Access management using 802.1x allows for dynamic user assignment into corresponding VLAN and also according to needs into local or global locations. By monitoring the network state we identify suspect user that we can remotely deactivate or transfer into a quarantine VLAN. Using network monitoring by behavioral analysis method we can identify even unknown attacks based on deviation from normal behavior. If there is a larger attack, we can switch the network into emergency state when all the users are disconnected, but critical applications keep running. We use the same method to solve access of company Wifi devices or private user devices used for company purposes (BYOD).
blue, the colour of rivers, represents the flow of data communications - Green, the indicator of starboard on ships will help with navigation and improve the quality of communications