IdentityConnect Personal Device Registration for BYOD Management

IDC and Agent-Free Device Registration

The explosion of mobile devices, coupled with advances in wireless technologies and readily available cloud-based applications, has driven a fundamental computing shift within large network environments. Today nearly everyone has a smartphone, a laptop computer, and/or tablet in addition to other network-ready devices—which has created the need for IT organizations to implement higher density wireless networks to support the escalating volume of mobile devices.

The number and diversity of devices in any corporation, hospital, college campus, or school district has exploded – easily tripling the number seen just a few years ago. This puts tremendous pressure on IT infrastructure; as devices are added more resources are used, more bandwidth is consumed, more IP addresses are allocated and re-cycled, and more wireless access points are required to handle the increased density. The ability to successfully identify device types, ascertain the identity of the user, and maintain a positive user experience while roaming has also become a formidable challenge. Additionally, organizations are being challenged with the task of correlating device and user identity over time across their networks for regulatory compliance; security forensics purposes; and identity-based web content access and bandwidth management policies.

IdentityConnect™ recognizes when unknown devices attempt access to your wired, wireless, or VPN networks and provides the following essential features and benefits:

  • Agentless Device and Role Profiling provides visibility into user identities and device types, whether they are a managed (organization-owned) or personally-owned (i.e., BYOD, guest), and when a device is connected to the network. Identifies PC, MAC, iOS, Android, Windows RT, RIM, Gaming, Media, AppleTV, etc. device types.
  • End User Authentication prevents unauthorized users from accessing network resources and participates in 802.1X/RADIUS and AD Domain Single Sign-On (SSO)
  • Guest User Self-Enrollment automates the process of provisioning Internet-only network access for a specific period of time
  • Device Enrollment allows end users to self-enroll non-browser devices such as printers, e-readers, or gaming systems by identity
  • Identity Correlation Management provides real-time identity-to-device association and standards-based integration with third-party policy management systems
  • Commercially available replacement for home-grown network registration systems (aka “net-reg” systems) includes hardware/software maintenance
  • Real-time Reporting Dashboard for data archiving and historical reporting
  • Managed Support Services delivers updates for device type fingerprinting within 48 hours of their official release date

IdentityConnect™ delivers on our promise of a scalable BYOD solution with centralized management, “no hands” system updates, and true real-time and historical reporting – providing you with comprehensive visibility and control.

Sessions Tracker™

SessionsTracker™ is a fundamental component of IdentityConnect™ which tracks and correlates device session information in real-time. SessionsTracker™ unifies session management of “start”, “stop” and “update” data from network sources in a timely and accurate manner. SessionsTracker™ correlates information from network “flow based” technologies like “Netflow” and “sFlow”, as well as control protocol services such as RADIUS and DHCP to maintain a “session” for the duration of time a device is active on the network. SessionsTracker™ enables IdentityConnect™ to collect and correlate supplemental data (such as a username or device type) from additional sources.

Real-Time Identity for Devices

IdentityConnect™ delivers the real-time identity-to-device association information required to support the networks of today. IdentityConnect™ participates in Single Sign-On (SSO) authentication by processing RADIUS accounting messaging generated by 802.1X-WPA2 Enterprise networks. This identity framework can be extended in our Identity Correlation Manager to publish this information to third party network management devices such as web content filters, bandwidth packet shapers, next generation firewalls and Security Event Information Management (SEIM) devices to enable identity-based policies within these networking devices.

Guest Management

With IdentityConnect™, users who do not have credentials within an organization may self-provision accounts via a fully automated process. Alternatively, access to the Guest Management Portal can be delegated to authorized personnel to manually provision accounts for Guest Users, as needed.

Highly Scalable to Go Further

IdentityConnect was built to support large-scale enterprise network environments. Each appliance can manage up to 10,000 concurrent endpoint devices and can be clustered together to support tens of thousands of users.

24 x 7 x 365 Maintenance and Managed Services

All Impulse Point products include a comprehensive hardware/software maintenance program. This includes 24×7 system monitoring, problem determination and resolution technical support, daily remote backups and overnight hardware replacement, and free software/hardware upgrades . Impulse Point provides the industry’s only continuous system monitoring and update service with standard maintenance. Our technical staff continuously monitors the health of the system and will take proactive corrective action if a problem is detected. This service also includes nightly updates on device profiling, operating systems, and remediation software updates.

Speed to Deployment

Getting other NAC systems operational can take weeks or even months of work. IdentityConnect can be installed in minutes and fully deployed in a matter of hours. Our engineers can provide insights on common practices which accelerates the full deployment process. From remote installation and real-time monitoring to “no hands” system updates, see SafeConnect in action to fully appreciate it. Click here to discover how rapidly you can deploy IdentityConnect and SafeConnect.

IdentityConnect’s Standard Modules

IdentityConnect is delivered with standard Modules for Device Type Profiling, End Euser Authentication, Device Self-Enrollment, Guest User Self-Provisioning, Reporting, and Identity Correlation Manager.

Click here to learn more about SafeConnect’s enforcement policies.


We believe in teamwork and will work with you to develop the Impulse Point solution that works best for your network and your team. Our service philosophy is to own and maintain the function of updating new operating systems and security software applications “in-house” as part of our proactive maintenance. Proactive monitoring of policy server hardware components (CPU, memory, disk, etc.), network connectivity, and key application processes is included with IdentityConnect along with technical support when you need it. To learn more about the 24/7 proactive maintenance service click here.

Privacy Considerations

Neither Identity Connect or SafeConnect is “content aware”. Neither product can check for arbitrary data in a particular file, or return the file itself. It can only return a true/false check on the presence (or absence) of a file, provided the complete path is given. Any data stored in the Policy Enforcer is either requested for business purposes (userid/network username) or can be easily obtainable from the network itself. (Mac Address, IP address, Windows Machine Name, etc).

In short, Impulse Point will never collect or store personal information from its customer’s constituents, and will never communicate directly with end user SafeConnect Policy Key-enabled devices that exist outside of a SafeConnect Managed Network environment. To view our privacy policy questions/answers, please click here.

SEO Powered by Platinum SEO from Techblissonline