The explosion of mobile devices, coupled with advances in wireless technologies and readily available cloud-based applications, has driven a fundamental computing shift within large network environments. Today nearly everyone has a smartphone, a laptop computer, and/or tablet in addition to other network-ready devices—which has created the need for IT organizations to implement higher density wireless networks to support the escalating volume of mobile devices.
The number and diversity of devices in any corporation, hospital, college campus, or school district has exploded – easily tripling the number seen just a few years ago. This puts tremendous pressure on IT infrastructure; as devices are added more resources are used, more bandwidth is consumed, more IP addresses are allocated and re-cycled, and more wireless access points are required to handle the increased density. The ability to successfully identify device types, ascertain the identity of the user, and maintain a positive user experience while roaming has also become a formidable challenge. Additionally, organizations are being challenged with the task of correlating device and user identity over time across their networks for regulatory compliance; security forensics purposes; and identity-based web content access and bandwidth management policies.
IdentityConnect™ recognizes when unknown devices attempt access to your wired, wireless, or VPN networks and provides the following essential features and benefits:
SessionsTracker™ is a fundamental component of IdentityConnect™ which tracks and correlates device session information in real-time. SessionsTracker™ unifies session management of “start”, “stop” and “update” data from network sources in a timely and accurate manner. SessionsTracker™ correlates information from network “flow based” technologies like “Netflow” and “sFlow”, as well as control protocol services such as RADIUS and DHCP to maintain a “session” for the duration of time a device is active on the network. SessionsTracker™ enables IdentityConnect™ to collect and correlate supplemental data (such as a username or device type) from additional sources.
IdentityConnect™ delivers the real-time identity-to-device association information required to support the networks of today. IdentityConnect™ participates in Single Sign-On (SSO) authentication by processing RADIUS accounting messaging generated by 802.1X-WPA2 Enterprise networks. This identity framework can be extended in our Identity Correlation Manager to publish this information to third party network management devices such as web content filters, bandwidth packet shapers, next generation firewalls and Security Event Information Management (SEIM) devices to enable identity-based policies within these networking devices.
With IdentityConnect™, users who do not have credentials within an organization may self-provision accounts via a fully automated process. Alternatively, access to the Guest Management Portal can be delegated to authorized personnel to manually provision accounts for Guest Users, as needed.
IdentityConnect was built to support large-scale enterprise network environments. Each appliance can manage up to 10,000 concurrent endpoint devices and can be clustered together to support tens of thousands of users.
All Impulse Point products include a comprehensive hardware/software maintenance program. This includes 24×7 system monitoring, problem determination and resolution technical support, daily remote backups and overnight hardware replacement, and free software/hardware upgrades . Impulse Point provides the industry’s only continuous system monitoring and update service with standard maintenance. Our technical staff continuously monitors the health of the system and will take proactive corrective action if a problem is detected. This service also includes nightly updates on device profiling, operating systems, and remediation software updates.
Getting other NAC systems operational can take weeks or even months of work. IdentityConnect can be installed in minutes and fully deployed in a matter of hours. Our engineers can provide insights on common practices which accelerates the full deployment process. From remote installation and real-time monitoring to “no hands” system updates, see SafeConnect in action to fully appreciate it. Click here to discover how rapidly you can deploy IdentityConnect and SafeConnect.
IdentityConnect is delivered with standard Modules for Device Type Profiling, End Euser Authentication, Device Self-Enrollment, Guest User Self-Provisioning, Reporting, and Identity Correlation Manager.
Click here to learn more about SafeConnect’s enforcement policies.
We believe in teamwork and will work with you to develop the Impulse Point solution that works best for your network and your team. Our service philosophy is to own and maintain the function of updating new operating systems and security software applications “in-house” as part of our proactive maintenance. Proactive monitoring of policy server hardware components (CPU, memory, disk, etc.), network connectivity, and key application processes is included with IdentityConnect along with technical support when you need it. To learn more about the 24/7 proactive maintenance service click here.
Neither Identity Connect or SafeConnect is “content aware”. Neither product can check for arbitrary data in a particular file, or return the file itself. It can only return a true/false check on the presence (or absence) of a file, provided the complete path is given. Any data stored in the Policy Enforcer is either requested for business purposes (userid/network username) or can be easily obtainable from the network itself. (Mac Address, IP address, Windows Machine Name, etc).