Download presentation
Presentation is loading. Please wait.
Published byBritney Manning Modified over 9 years ago
1
All Rights Reserved © Alcatel-Lucent 2010 1 | Dynamic Enterprise Tour – Safe NAC Solution | 2010 Protect your information with intelligent Network Access Control Fabrice Lieuvin Director, Business Development EMEA – Data & Security Division fabrice.lieuvin@alcatel-lucent.com
2
All Rights Reserved © Alcatel-Lucent 2010 2 | Safe NAC Solution - DET | 2010 1.Enterprise strategy 2.SafeNAC 3.Conclusion
3
All Rights Reserved © Alcatel-Lucent 2010 3 | Safe NAC Solution - DET | 2010 Enterprise strategy 1
4
All Rights Reserved © Alcatel-Lucent 2010 4 | Safe NAC Solution - DET | 2010 Alcatel-Lucent Enterprise Network Infrastructure SIP Conversation Engine choice User Centric Experience Contact Center & Customer Service applications Communication & Collaboration applications On premisesin Cloud Application Fluent Network Provides Application Fluent Networks that uniquely enable a high quality user experience with reduced operations complexity
5
All Rights Reserved © Alcatel-Lucent 2010 5 | Safe NAC Solution - DET | 2010 Introducing Alcatel-Lucent’s Application Fluent Network Operations Control Convergence Without Complexity Architecture A simplified, optimized and resilient network with market-class leading capacity and built-in security Control Provides unique dynamic tuning of network performance to ensure high quality real-time application delivery Operations Reduced complexity through automation, consistency of features, and integrated troubleshooting tools
6
All Rights Reserved © Alcatel-Lucent 2010 6 | Safe NAC Solution - DET | 2010 SafeNAC 2
7
All Rights Reserved © Alcatel-Lucent 2010 7 | Safe NAC Solution - DET | 2010 PRODUCTIVITY ENHANCED DEPLOYMENT IS SIMPLE THREAT PROTECTION ENTERPRISE IS SECURE NAC Challenges Endpoints are Compliant Malware is Contained No Rogue Endpoints Continuous Surveillance Secured Guest Access Secured Partner Access Secured Contractor Access Services are Available Supports Existing Infrastructure Multi-Vendor Networks Multiple Endpoint platforms Multiple Authentication Methods Reduced Help Desk Costs Reduced Management Costs Enterprise is Compliant Data is Protected 4. KNOWLEDGE 3.PROCESS 1. NETWORK2.PEOPLE
8
All Rights Reserved © Alcatel-Lucent 2010 8 | Safe NAC Solution - DET | 2010 Introducing Safe NAC Key Features Access Control for Guests, LAN & Wireless Endpoint Malware Protection Verify OS and End Point Configuration Controls Automatic Remediation Role-based Post Admission Control Audit Reports for Compliance Differentiation Non Disruptive Multi-vendor Deployment Support for Multi-authentication, Multi-endpoint environments Integration with Multiple Network Elements Provides Reduced Cost Centralized Management Trusted Dynamic Enterprise
9
All Rights Reserved © Alcatel-Lucent 2010 9 | Safe NAC Solution - DET | 2010 Key Benefits End-to-End LAN/WLAN Security solution Role Based Access policy tailored to your business Can be deployed on existing infrastructure Simple deployment scenarios Cost effective, based on open standards Authentication, Authorization, Accounting Works with Existing Directory Services Host Integrity Check Clientless and Light Client Based Role Based Access map user’s profile to security policies Quarantine and Remediation Isolate and fix problematic users Anomaly Detection–IPS/IDS Stop malwares with behavioral detection Zero-day protection, no signature updates Monitoring/Compliance Unique ability to log users activities and monitor access to sensitive information Safe NAC: User Aware Network Security Solution
10
All Rights Reserved © Alcatel-Lucent 2010 10 | Safe NAC Solution - DET | 2010 Safe NAC: Solution’s components
11
All Rights Reserved © Alcatel-Lucent 2010 11 | Safe NAC Solution - DET | 2010 OmniSwitch – Secure LAN Switches Embedded Network Access Control Granular per-user profiling (User Network Profiles) Host Integrity Policy Enforcement Tight integration with CyberGatekeeper Broad Range of Security Features Port Mapping, Learned Port Security, DHCP Snooping, ARP Poisoning Detection, Traffic Anomaly Detection – Threat mitigations
12
All Rights Reserved © Alcatel-Lucent 2010 12 | Safe NAC Solution - DET | 2010 Access Guardian Key Advantages Devices and Users Authentication Identifies devices based on location and MAC @ or 802.1x standard Bann or quarantine network access when not authenticated Integrated Guest Access Web Portal Visitors can be authenticated via the integrated Captive Portal No limitation of number of users or MAC @ Works seamlessly with connected WiFi access points User Network Profile Simplifies Network Access Management Roles and profiles assigned to users during authentication Profiles include VLAN, ACL, QOS and Mobility Parameters Verify Endpoint Compliance Before Network Access Policy enforcement is performed by the OmniSwitch Compliance enforcement is independent of authentication Stronger Edge Security Integrated automatic Traffic Anomalies Detection based on traffic behavior Simple Access Control List and Quarantine Management
13
All Rights Reserved © Alcatel-Lucent 2010 13 | Safe NAC Solution - DET | 2010 OmniSwitch and 8950 AAA Process Group Mobility VLAN ID UNP Captive Portal 8950 AAA eDIR / LDAP Other Radius Guests 802.1x Yes MAC@ No Fail Group Mobility VLAN ID UNP Group Mobility VLAN ID UNP Group Mobility VLAN ID UNP Quarantine Fail Supplicant Managed Users Access Policy Parameters are pushed to the OmniSwitch Bandwidth enforcement and Anomaly Detection
14
All Rights Reserved © Alcatel-Lucent 2010 14 | Safe NAC Solution - DET | 2010 Safe NAC and Compliance Enforcement Scenario 802.1x User Regular LAN User Guest Remediation Server(s) Production Network 1 Employee, contractor or guest connects to the network OmniSwitch provides authentication and identifies user profile. It checks if HIC check is needed for this user. (802.1x, MAC, captive portal) OmniSwitch redirects traffic to the CyberGatekeeper Policy Server and the remediation servers. CyberGatekeeper policy server receives HIC report from CyberGatekeeper Agent and informs the OnmiSwitch if the device has passed or failed. If HIC passed, OmniSwitch selectively allows device traffic to production network following policy in user profile. If HIC Failed, OmniSwitch restricts traffic to remediation network only CyberGatekeeper Policy Server 2 Alcatel-Lucent OmniSwitch 34 Resident or on-demand agent Continuous surveillance 5 8950 AAA + Directory
15
All Rights Reserved © Alcatel-Lucent 2010 15 | Safe NAC Solution - DET | 2010 Conclusion 3
16
All Rights Reserved © Alcatel-Lucent 2010 16 | Safe NAC Solution - DET | 2010 User Centric Security Allowing Flexible Deployments throughout multiple environments
17
All Rights Reserved © Alcatel-Lucent 2010 17 | Safe NAC Solution - DET | 2010 Why Alcatel-Lucent? Comprehensiveness Innovation Flexibility
18
All Rights Reserved © Alcatel-Lucent 2010 18 | Safe NAC Solution - DET | 2010 Evaluation of this session A
19
All Rights Reserved © Alcatel-Lucent 2010 19 | Safe NAC Solution - DET | 2010 Evaluation of this session Please take 2 minutes to fill out the evaluation form, distributed to you by the speaker Please fill out as title of this presentation: « Safe NAC» Submit the form when leaving the room or put it in one of the boxes that you find everywhere in the venue THANK YOU
20
All Rights Reserved © Alcatel-Lucent 2010 20 | Safe NAC Solution - DET | 2010 User Centric Security Allowing Flexible Deployments throughout multiple environments www.alcatel-lucent.com
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.