|
Dynamic NAC is the Network Access Control solution that requires ZERO network changes, making it many times easier and faster to deploy than traditional NAC solutions. Dynamic NAC offers centralized management, flexible policies, granular quarantining and monitoring, and remediation of unhealthy systems.
Despite the extensive capabilities provided, Dynamic
NAC can install in hours. Without the need to change the network
or update network devices, Dynamic NAC has no hidden infrastructure
costs and continuously checks all devices on the network.
Dynamic NAC hardens the existing network by making some of the
PCs enforcers that monitor and control access to the network.
Enforcers report and quarantine unauthorized devices, like rogue
endpoints and unhealthy PCs. The unhealthy PCs can rejoin the
network after automatic or manual remediation brings them into
compliance.
Dynamic NAC is available as server software for Windows or part of the CyberGatekeeper Server appliance.
The CyberGatekeeper Difference
Because infrastructure-based NAC is expensive and difficult to
deploy, InfoExpress and more recently other security vendors
designed software-based alternatives.
Typical software-based alternatives are easier to implement, but compromise on security. CyberGatekeeper DNAC has a strong and unique technical security advantage over other software based NAC solutions because it cannot be easily bypassed. By using the ARP table and MAC address manipulation capabilities within the network, CyberGatekeeper DNAC does not rely on DHCP enforcement (as most other Software NAC approaches), preventing an unauthorised user from simply allocating a static IP address to bypass enforcement.
Further, many vendors of software based NAC also rely on policy enforcement using the agent installed on the workstation. However when your users have Administrator control of their PCs and simply turn off the process using the Windows Task Manager your well defined policies become unenforceable.
With CyberGatekeeper DNAC using community based enforcement the other PCs, those that are already compliant with your policy, will ensure that all PCs are running the required agent and that all policy requirements are being met. With CyberGatekeeper DNAC, if the user turns the agent off, the other PCs will disable its access from the local network.
By utilising a community based enforcement model, whereby existing
compliant machines will enforce the rules on non-compliant machines,
simply disabling the CyberGatekeeper DNAC agent will not allow
unauthorised activities to proceed. Even an unmanaged PC with
a static IP address will get quarantined automatically until
it has met the policy criteria of your DNAC configuration. Importantly
with CyberGatekeeper DNAC, a user can not bypass DNAC with static
ARP entries either. The above are critical considerations as
any security technology that can be easily bypassed is failing
its core function, irrespective of the high level functionality.
Dynamic NAC for Windows
The Dynamic NAC for Windows software installs on a Windows server.
With Dynamic NAC for Windows, you can begin monitoring your network
and add network access control in less than an hour. Key features
include:
- Windows domain authentication
- Identification of all network devices
- Quarantining of unauthorized devices
- Automatic and interactive remediation
- Continuous endpoint monitoring and access control
- Centralized policy updates and reporting
CyberGatekeeper Server
The CyberGatekeeper
Server appliance includes Dynamic NAC and other access
control methods such as 802.1x, bridge filtering, and SSL VPN.
Download brochure:
> Tolly
Report – CyberGatekeeper DNAC
versus Cisco NAC
> DNAC
FAQ
> DNAC – How
it works
> CyberGatekeeper
DNAC versus Microsoft NAP
> Agent
versus Agentless; Security, Functionality & Costs
Trade Offs
> CyberGatekeeper
DNAC Overview
T: 1300 660 930
E: enquiry@tlcdatasecurity.com.au
