Enterprise

The Way Your Employees Connect with Your Network is Changing. Are You Ready?

Technology in the workplace is constantly changing. Employees routinely bring the latest devices and gadgets into the office to make work, and life, easier. And with these devices come the potential for significant security considerations.

SafeConnect maintains the security of computing devices on your network. SafeConnect is used extensively in the field of education, but our customers include any organization that wants to enforce security policies in an automated and non-intrusive way. Environments with large populations of unmanaged devices are particularly well-suited to use SafeConnect

So if you are a Corporation, Healthcare Provider or Government entity, SafeConnect can provide visibility and enforcement of security policies to all the devices on your network.

State and Local Government

Government agencies are facing major challenges to simultaneously enhance their IT cyber security posture, while continuing to cost-effectively support their constituents’ diverse and growing needs. Whether unintentional or maliciously motivated, data leaks and security intrusions represent a significant threat to national security. Just like their private sector counterparts, government organizations are faced with the ever increasing onslaught of unknown computing devices accessing critical network infrastructure. When it comes to network security, every employee, contractor, customer, or supplier is a potential weak link.

Network Access Control, including the ability to provide detailed real-time and historical policy event data, has become an essential component of any enterprise security management strategy.

Healthcare

Today’s computer network has become the central nervous system of a healthcare organization, supporting the life- and business-critical functions necessary for everything from managing patient data to ensuring clinical operations. Unknown computing devices from vendors, teaching staff, patients, and visitors, as well as the exposure of peripheral access through wireless connections, multiple remote provider localities, and business partners, represent major IT security risks.

Healthcare also has the added burden of meeting regulatory compliance, requiring providers to adhere to a host of security audit and reporting safeguard requirements stipulated by the Health Insurance Portability and Accountability Act (HIPAA), the Food and Drug Administration, PCI, and other mandated directives.

The ability to balance best practices in network security, while supporting a highly mobile and extended user community, demands a flexible NAC solution that is scalable and adaptable to the needs of the large, multi-vendor healthcare provider enterprise.

Finance

Compliance requirements such as the Graham-Leach-Bliley Act (GLBA), Sarbanes-Oxley (SOX), and other industry-specific obligations have ushered in a regulatory era that demands stringent IT security compliance and increases the penalties for companies and individuals whose risk-management practices are less than robust. Because many of the most destructive pieces of malware are built to replicate and spread rapidly, a large proportion of an enterprise can be affected within minutes of the first outbreak – and a single outbreak can dramatically affect the reputation, stability, and business objectives of a financial services enterprise.

The ability to provide detailed real-time and historical policy event data, has become an essential component of any financial services enterprise security management strategy.

SafeConnect Network Access Control

NAC Function

Real Time Solution SafeConnect checks a user’s system prior to granting network access as well as on a continuous basis in real time. This provides two significant benefits; users who become non-compliant can be isolated immediately. This is inherently more secure because users are not allowed to remain on the network for extended periods. In addition, the user experience is superior because only those users out-of-compliance with security policies are impacted.
100% Out of Line Solution SafeConnect is implemented as a true “out-of-line” network device. The SafeConnect Policy Enforcer Appliance sits out-of-line with the core network and fails open—presenting no single point of failure, performance bottle-necks or maintenance-related or scheduled network outages. In the event of a failure all existing and new users to the network are unaffected and have uninterrupted access to network resources.
Safe Network Access for All SafeConnect solves the potential security issue associated with hubs while maintaining the benefit of increased access hubs can provide. The SafeConnect system can detect the presence of a Network Access Translation (NAT) device and require it to be placed in bridge mode, allowing the system to identify, authenticate and assess the security of devices connected to a hub.

NAC Operation

No Changes to LAN/WAN Required SafeConnect is network switch hardware and software vendor independent and integrates into the existing network architecture. No Layer2 switch manipulation. No rip-and-replace. No changes or continuous manipulation of network switch devices, wireless access points, or VPN concentrators are required.
Directory Services Integration SafeConnect utilizes directory services infrastructure (i.e. LDAP, MS Active Directory, RADIUS) to authenticate end user devices. The system can also apply identity- or role-based policies and enforcement rules based on how a user is defined within the directory system (employee, guest, vendor, etc.) Users who do not have the proper credentials to authenticate are blocked from accessing network resources. SafeConnect also features a Single Sign-On (SSO) authentication capability that allows existing AD managed and 802.1X/WPA2 Enterprise users to maintain their existing login process user experience.
Centrally Managed Solution SafeConnect’s Enterprise Policy Manager offers a centralized policy management interface that will enable an authorized policy administrator to build and edit policies that can be deployed immediately. SafeConnect’s Enterprise Policy Manager has been designed to be intuitive and easy to use. The Policy Manager is centrally deployed and can be accessed from multiple locations and allows application and read/write level administrative privileges to be assigned to policy administrators and help desk personnel.
Compatibility with Wireless Access Points SafeConnect is Layer2 network device independent and agnostic, which allows the system to manage public or privately addressed sub-networks and VLANs whether their topology is wired, wireless, or VPN in a consistent/non-intrusive fashion. No integration required.
Ease of Implementation The SafeConnect system is designed for remote customer setup and implementation. By leveraging our managed services capability, we can routinely install a system in less than an hour. The solution can be deployed in a phased-in approach (by IP address/range, subnet, VLAN) across wired, wireless, and VPN infrastructures as required for a non-disruptive transition.

Other Unique NAC Industry Benefits

24/7 Proactive Maintenance and Support Services The SafeConnect system is supported by the industry’s most comprehensive implementation and support services agreement. Impulse Point provides continuous (24/7) proactive monitoring and support that includes hardware and software problem determination and resolution support, as well as upgrade protection to future software functional releases. Daily policy configuration remote backups are included which enables Impulse Point to restore and deliver a replacement system within 24 hours.
Lifetime Hardware Upgrades Included Impulse Point does not assign an “end-of-life” (EOL) to SafeConnect hardware or software. When software functionality requires a hardware upgrade or if the SafeConnect appliance is in need of an upgrade, we will simply send you a new SafeConnect hardware server (pre-configured with your previous day’s policy configuration) for immediate deployment. As long as you remain under annual maintenance, we will never ask you to purchase the appliance again.
Ease of Management The SafeConnect offers a real-time Web-based dashboard interface that will enable an authorized policy administrator or help desk personnel the ability to view the policy status of devices for the entire enterprise, by policy group, or individual user. The State’s policy administrator (or help desk personnel) can also easily locate any device based on IP address, MAC address, user name, or policy condition.
Highly Scalable Each SafeConnect Policy Enforcer appliance can manage up 10,000 concurrent endpoint devices—making it 5 times more scalable than othe NAC systems. To support an environment of 10,000 users, other NAC systems employ 12 to 16 servers to address scalability and redundancy requirements.

We’re continually updating our software to accept the latest and greatest, newest devices (like iPads, Droids, iPhones, etc) – because life don’t wait for the latest technology. In this world of instant technology, SafeConnect helps in accessing your wireless network faster and more reliably, while directing unmanaged users to custom-branded portals for authentication.

And we do it faster and simpler than any other NAC product available. SafeConnect integrates into existing network architecture with no changes or continuous manipulation of Layer2 network switch devices, wireless access points, or VPN concentrators required.

Let us prove to you just how easily SafeConnect can work for you.

SafeConnect NAC

SafeConnect is the most flexible network access control solution available and offers an easy to implement and support endpoint policy management system. It seamlessly connects into an existing multi-vendor network infrastructure while providing the flexibility to adhere to each organization's unique computing policy philosophies. SafeConnect's unique architecture provides a true out-of-line NAC solution that is vendor-independent, scalable, and flexible to meet your growth needs – resulting in reduced time, expense, and risk.