One Network Access Control Solution for All Use Cases; Solution for BYOD protecting network resources from guests' and employees' infected devices.
One of the primary functions of network access control has been to protect the corporate network – both wired and wireless – from guest users and their unmanaged, potentially infected devices by ensuring that a device is compliant with security policies before network and application access can be granted. A NAC solution is very effective in protecting the network and applications from unmanaged or even managed devices that could become infected while a user, whether they are a guest user or trusted employee, is surfing the Internet or accessing files remotely while traveling.
Juniper Networks Unified Access Control (UAC) solution reduces threat exposure, delivers comprehensive control, visibility, and monitoring, and decreases access control deployment costs and complexity. It extends access control to network traffic, implementing policy enforcement deeper into your network’s core and outward to its edge, mitigating risks and protecting sensitive corporate assets.
UAC is the industry’s only NAC solution that provides full Layer 2 through Layer 7 policy enforcement on the widest possible array of enforcement points. UAC’s policies can be enforced at Layer 2 (and beyond) using any vendor’s 802.1X-enabled wireless access points or switches (including Juniper Networks EX Series Ethernet Switches) for dynamic virtual LAN (VLAN) assignment, filter/ACL assignment, quality of service (QoS), and more. At Layers 3-7, any Juniper Networks firewall platform, including the Juniper Networks SRX Series Services Gateways, deployed with UAC becomes identity-enabled, leveraging the industry’s leading security device families as full NAC enforcers at any scale. Finally, Juniper Networks IDP Series Intrusion Detection and Prevention Appliances deliver role-based, application-level policy enforcement, providing unparalleled access control and security granularity.
The Juniper Networks Unified Access Control (UAC) solution combines user identity and device security state information with network location to create a unique access control policy for each user. The solution can be enabled at Layer 2 using 802.1X, or at Layer 3 using an overlay deployment. UAC can also be provisioned in mixed mode, using 802.1X for network admission control and Layer 3 for resource access control.
Features and Benefits
Key features and benefits of Juniper’s UAC solution can be grouped into three high-level value propositions:
- Advanced Network Protection
- Control, Visibility, and Monitoring
- Simple, Flexible Access Control
Solution Scenario 2.
Strong User Authentication and Robust Access Control – Identity Access Solution with RSA Two-Factor Authentication
In addition to one-time passwords, the Infranet Controller supports certificate-based authentication. To positively authenticate and validate a user, the UAC Agent, or a browser-based agent (in agentless mode), will prompt the user for a PIN to unlock the digital certificate stored on a smart card. The authentication is validated by the certificate authority stored on Juniper’s Infranet Controller. Solution components include:
- RSA® Certificate Manager
- RSA Smart Card
- RSA® Card Manager
- Juniper Networks Unified Access Control solution
Advanced monitoring using SIEM (Security Intelligence platform)
What are SIEM Systems?
A SIEM system consists of software products and security services. It combines security information management (SIM) with security event management (SEM) to deliver analysis of security alerts triggered by hardware and software… in real time. SIEM products are used to log security information and produce compliance-focused reports.
SIEM security systems work by collating log files and security data for assessment by IT administrators. This data is collected from multiple security devices including servers, routers & switches, desktops and laptops and other connected devices.
SIEM technology provides:
- SIM — Log management, analytics and compliance reporting
- SEM — Real-time monitoring and incident management for security-related events from networks, security devices, systems and applications
SIEM technology is typically deployed to support three primary use cases:
- Advanced threat detection — Real-time monitoring and reporting of user activity, data access, and application activity, incorporation of threat intelligence and business context, in combination with effective ad hoc query capabilities
- Basic security monitoring — Log management, compliance reporting and basic real-time monitoring of selected security controls
- Forensics and incident response — Dashboards and visualization capabilities, as well as workflow and documentation support to enable effective incident identification, investigation and response
Gartner defines a small deployment as one with 300 or fewer event sources, a sustained rate of 1,500 events per second (EPS) or less, and a back store sized at 800GB or less. Gartner defines a midsize deployment as one with 400 to 800 event sources, a sustained event rate of 2,000 to 7,000 events per second and a back store of 4TB to 8TB. A large deployment is defined as one with more than 900 event sources, a sustained event rate of more than 15,000 events per second, and a back store of 10TB or more. Some very large deployments have many thousands of event sources, sustained event rates of more than 25,000 EPS and a back store of more than 50TB. We may indicate that a vendor’s SIEM technology is ideally suited for a small, midsize or large deployment, which means that the size is a typical or most common successful deployment for that vendor. Every vendor will have outliers.
Managed Security Services
We have effective solutions for organisations seeking to outsource the management of their information security requirements. Our services give you peace of mind that experts are watching over your security systems in real time, 24×7.
Our Managed Services for Security include:
- Managed Firewall Service: Protects key information assets across networks, hosts, applications and databases.
- Managed Intrusion Detection and Prevention Service: Enables you to implement intrusion detection and prevention systems without devoting costly internal resources to managing, maintaining and monitoring the systems.
- SIEM solutions for all types of organisations, from SMB to enterprises: Providing expert advice and building reports for capacity planning, robustness and stability of your network.