We founded Impulse Point to address the unique endpoint policy requirements of higher education and we understand the need to provide a flexible management framework to support diverse network architectures across multiple remote locations … all while supporting and protecting students, faculty, staff, and guests.
We’re continually updating our software to accept the latest and greatest, newest devices (like iPads, Droids, iPhones, Ubuntu, etc) – because students don’t wait for the latest technology. In this world of instant technology, our products help in accessing your wireless network faster and more reliably, while directing unmanaged users to custom-branded portals for authentication.
And we do it faster and simpler than any other NAC product available. SafeConnect and IdentityConnect integrate into existing network architecture with no changes or continuous manipulation of Layer2 network switch devices, wireless access points, or VPN concentrators required.
Where would you be without Impulse Point? Touching every single switch on your network …
As confirmed by Gartner and other industry analysts, the Higher Education sector represents the most dominant and progressive market for NAC adoption – and represents the extreme scenario for NAC deployments.
What other industry has this same combination of a highly transient, unmanaged, diverse variety of device types; large-scale, complex, high-performance, agnostic networks; which serve tens-of-thousands of computer savvy users; in a highly collaborative, politically charged and opinionated environment?
SafeConnect is the only NAC that provides you with ease of management, ease of use, and proactive maintenance support services. SafeConnect’s key benefits include the following:
The SafeConnect Enterprise Policy Manager offers a real-time Web-based dashboard interface that will enable an authorized policy administrator or help desk personnel the ability to view quarantined devices for the entire enterprise or by user group. The policy administrator (or help desk personnel) can also locate a quarantined device based on IP address, MAC address, or user name. SafeConnect’s Enterprise Policy Manager has been designed to be intuitive and easy to use. The Policy Manager can be accessed from multiple locations and provides the ability to assign application and read/write level administrative privileges to policy administrators and help desk personnel based on their authentication credentials.
The SafeConnect system is supported by the NAC industry’s most comprehensive implementation and support services agreement. Impulse Point will provide continuous proactive monitoring and support that includes hardware appliance and software problem determination and resolution support consistent with operational management processes, as well as upgrade protection to future software functional releases. Daily policy configuration remote backups are included which enables Impulse Point to restore and deliver a replacement system within 24 hours.
Impulse Point is committed to delivering supported updates of new operating systems, and security software applications within 24 to 48 hours of their official release date, as compared to other Legacy NAC providers who struggle with maintaining 24‐48+ “day” update cycles.
SafeConnect’s Enterprise Policy Manager offers a centralized policy management interface that will enable an authorized policy administrator the ability to build and edit policies that can be deployed immediately. The SafeConnect Policy Manager can be accessed from multiple locations and allows you to assign application and read/write level administrative privileges to both policy administrators and help desk personnel based on their authentication credentials.
Impulse Point prides itself on the rapid, efficient, and successful implementation of the SafeConnect NAC Solution and will be available to provide personalized advice and support through project planning, installation, and deployment. The SafeConnect system has been designed for remote customer setup and implementation. By leveraging our managed services capability, we can routinely install a system in less than an hour. Impulse Point can accomplish this by pre-loading the SafeConnect system with the University’s specific configuration information, and guiding the organization through the connection process. SafeConnect can also be deployed in a phased-in approach (by IP address/range, subnet, VLAN) across wired, wireless, and VPN infrastructure as required for a non-disruptive transition.
SafeConnect is an appliance-based NAC solution that is implemented as a true “out-of-line” network device. The SafeConnect Policy Enforcer Appliance sits out-of-line with the core network and fails open—presenting no single point of failure, performance bottle-necks or maintenance-related or scheduled network outages. In the event of a failure all existing and new users to the network are unaffected and have uninterrupted access to network resources.
SafeConnect is network switch hardware and software vendor independent and integrates into the existing network architecture with no changes or continuous manipulation of Layer2 network switch devices, wireless access points, or VPN concentrators required.
The SafeConnect architecture is Layer2 network device independent and agnostic, which allows the system to manage public or privately addressed sub-networks and VLANs in the same fashion whether their topology is wired, wireless, or VPN. SafeConnect’s continuous posture assessment capability can leverage wireless technology to assign per-user quarantine roles for clients that are not compliant with security requirements. SafeConnect can provide Single-Sign-On (SSO) in a WPA2 Enterprise environment by leveraging standards-based RADIUS accounting.
Impulse Point offers a policy module which automates the process of configuring end user standard-embedded device 802.1X supplicants for wireless 802.1X / WPA2 Enterprise network environments. This module can simplify the end user’s experience of transitioning to a secure WPA2 Enterprise wireless network, and offers the added benefit of “silently” deploying SafeConnect’s Policy Key as part of the initial device wireless registration process to provide real-time (pre- and post-admission) security assessment and enforcement.
SafeConnect was designed to enable safe network access to authorized users regardless of the connection. It is common for users to introduce small multi-port hubs on the network as a way to increase connections. These hubs provide convenience but at the same time allow malicious users to operate undetected. SafeConnect solves the potential security issue associated with hubs while maintaining the benefit of increased access. The SafeConnect system can detect the presence of a Network Access Translation (NAT) device and require it to be placed in bridge mode. This allows the system to identify, authenticate and assess the security of the devices connected to a hub.
SafeConnect utilizes directory services infrastructure (i.e. LDAP, MS Active Directory, RADIUS) to authenticate end user devices. The system can also apply identity- or role-based policies and enforcement rules based on how a user is defined within the directory system (student, employee, guest, vendor, etc.) Users who cannot be authenticated can be quarantined or blocked from accessing the network. SafeConnect also features a Single Sign-On (SSO) authentication capability that could allow existing AD managed users to maintain their existing login process user experience.
The number of mobile devices in use places tremendous pressure on IT infrastructure. As devices are added more resources are used, more bandwidth is consumed, more IP addresses are allocated and re-cycled, and more wireless access points are required to handle the increased density. Additionally, universities are being challenged with the task of correlating device and user identity over time across their networks for identity-based web content access and bandwidth management policies.
IdentityConnect™ recognizes when unknown devices attempt access to your wired, wireless, or VPN networks and provides the following essential features and benefits:
As thought leaders, universities and colleges need to ensure that the tenets of academic freedom on the campus are protected as fiercely as the security of the network.
The SafeConnect NAC solution provides the flexibility to select and use only the policy modules needed to satisfy the requirements of their security plan. The University can implement the policy modules standard to the SafeConnect solution including compliance with anti-virus, anti-spyware, Microsoft OS patches, as well as registration and authentication. Other standard policy modules include peer-to-peer file sharing, access points, and power management. Custom policies can also be created based on the existence or non-existence of file types, registry settings, services, and processes on endpoint devices. Click here to view a case study including academic freedom. .
For many schools, available resources in residence halls have grown to include wireless access, high speed internet access, and voice over IP services. Learn how SafeConnect can help Network Managers strike a balance between the conveniences of providing network access to the very edge and maintaining security and acceptable use policies. To learn more about SafeConnect for ResNet, please click here.
Impulse Point is committed to helping colleges and universities address the Higher Education Opportunity Act and P2P file sharing requirements. Beyond traditional NAC capabilities, SafeConnect includes a Peer-to-Peer (P2P) File Sharing Module that notifies students of prohibited software, helps to educate them on the dangers associated with illegal downloading, and encourages legal online music procurement. Click here to learn more about P2P file sharing and HEOA compliance.
School campuses need to quickly notify students and faculty in the event of a developing situation. SafeConnect has the ability to broadcast an on-demand message to everyone whose computer is authorized to access the campus network. Notification can be made quickly and administrators can track messages for compliance purposes. Click here to learn more about all the policy modules and broadcast messaging.