Bradford Networks Solutions by Use Case
Select a Use Case:
- Network Access Control
- Secure BYOD
- Guest Management
- Regulatory Compliance
- Endpoint Compliance
- Easy 802.1x Onboarding
- Network Analytics
- Edge Visibility
Network Access Control
A network is only as secure as the devices that are connected. As the number of devices on a wired and wireless network continues to grow with initiatives such as Bring-Your-Own-Device (BYOD), so does the network attack surface for cyber criminals.
Network Sentry was purpose-built to deliver Network Access Control (NAC). It dynamically leverages the continuously growing library of security commands and controls built into today’s switches, routers, wireless controllers and wireless access points to perform pre-connect risk assessments on every device attempting to connect to the network. Unlike alternative approaches that depend on 802.1x specific hardware, Network Sentry leverages the existing network infrastructure to manage up to 20,000 concurrent devices from a single physical or virtual appliance. A manager of managers ensures growth and provides scalability to secure larger scale networks. Setup wizards, seamless integration, and intuitive workflows make installation and configuration simple.
With the growing number of devices on a network, network access control has become an essential component of the standard BYOD reference architecture. With over 1,000 BYOD customers, powerful integration with a broad range of wireless technologies, and an award-winning version 6 solution, Network Sentry provides the most versatile and proven approach to Network Access Control.
There are many tradeoffs when adopting a BYOD strategy. However, the benefits of productivity, usability, and cost reduction have to be factored against the challenges of risk, manageability, and overall security.
According to a recent SAN Mobility/BYOD Security Survey, over 60% of organizations are embracing some form of BYOD but only 9% of organizations are confident they know the devices on their network. There is therefore is a gap than needs to be addressed to enable a secure BYOD strategy.
Gartner and other analyst firms have also noted that, although the BYOD challenges and security policies are new to enterprises, educational institutions have been successfully addressing these challenges for years. Because Bradford Networks’ early customers were education focused, the company has a tremendous wealth of experience navigating the technical and political issues related to BYOD. This depth of knowledge is leveraged by our customers to provide visibility into their networks, streamline the onboarding process, prescribe effective and secure access policies, and automate the network access controls – keeping employees happy and productive while ensuring a secure BYOD strategy.
In today’s open and collaborative work environments, visitors, guests, contractors, business partners and other non-employee staff expect on-demand connectivity to your network. However given the sheer number of wireless devices it is critical to ensure a simple onboarding experience for users, while minimizing the management burden on IT staff.
Network Sentry provides an efficient, scalable, and secure approach to managing guests and registering mobile devices. Network Sentry provides simple workflows which drive users through an intuitive process that ensures safe, self-service guest access. In addition to streamlining and securing the on-boarding process, device registration ensures that every device on the network is profiled and has an owner. Through this process IT can differentiate between trusted individuals who have defined roles within the organization and guests, while devices can be identified as corporate-issued or personally-owned. Once identified, Network Sentry will automatically provision network access based on each person’s role or relationship with the organization. From a security perspective, this eliminates blindspots associated with guest access and BYOD initiatives.
To reduce management overhead, Network Sentry allows IT to designate non-technical staff as “guest sponsors” who are authorized to set up guest user accounts without the need to engage IT. So, while IT retains control and network-wide visibility of all connections, sponsors can handle the day-to-day administration of guest access accounts. Network Sentry can also create group guest access accounts with unique usernames and passwords for hundreds or even thousands of event attendees in just a few mouse clicks. Each group can be assigned unique parameters such as start date, end date, time-of-day access limits, and more.
With Network Sentry guests get quick and easy network access, internal sponsors can get their visitors online without delay, and IT maintains control and ensures security, while off-loading routine tasks.
Knowing what’s connecting to your network is fundamental to regulatory compliance as well as security best practices.
Network Sentry provides real-time visibility and automated control over every attempted connection to your network. Flexible and automated policies enable trusted users and trusted devices to gain access to the appropriate level of information. The risk of every user and device is automatically assessed against an access policy, before network connectivity is granted. Users with non-compliant devices can be migrated to workflows that provide instructions on how to remediate and establish compliance. Network Sentry maintains a log of connections, creating an audit trail that is critical for demonstrating compliance as well as visibility, automation, and control.
The growing number of devices on a network together with a decreasing level of control over those devices due to trends such as Bring-Your-Own-Device (BYOD), make regulatory compliance more complex than ever before.Network Sentry’s network visibility, policy automation, and its complete audit trail of every network connection, makes regulatory compliance simple and maintainable.
Every device on a network introduces some level risk. A vulnerable device can be leveraged to gain access to a network and a compromised device can introduce malware. The device’s operating system and patch levels, anti-virus software and signature files, applications, configuration, and whether or not its jailbroken all contribute to its risk posture. With the growing number of devices on a network and a decreasing level of control over these devices due to trends such as Bring-Your-Own-Device (BYOD), companies must now ensure endpoint compliance as part of endpoint management.
There are a few simple steps that can be taken to dramatically reduce the risk of data leakage and unauthorized access, and ensure that endpoint devices are safe and compliant. Network Sentry assesses key attributes of a device, before it is allowed to connect to the network, thereby minimizing vulnerabilities and overall risk. If a device does not pass the risk assessment, the device and user can be denied access, granted temporary access with instructions for remediation, or granted access and a policy violation warning.
Easy 802.1x Onboarding
Certificate-based network access ensures safe, encrypted wireless access but it requires compliant network equipment and the proper configuration for mobile devices. Readying a mobile device for 802.1x compliance is often a guessing game for even the most sophisticated end user.
Bradford Networks’ Network Sentry, with its deep integration with wireless infrastructures, intuitive workflows, and setup wizards, automates the process of onboarding devices to 802.1x ready networks. Users connect to a SSID and, based on their role, the 802.1x supplicant is automatically configured on their mobile device. The device is then automatically re-routed to the appropriate, secure SSID.
By automating this 802.1x onboarding and configuration process, user missteps are avoided, while the process of assigning the proper SSID is fully automated. Allowing all users to connect to a single SSID and then re-routing them based on pre-defined policies also simplifies network administration as there is now only a single set of credentials that need to administered and distributed.
Connections to a network generate a wealth of information that can help identify mobility trends and security anomalies. But unless this information is captured, stored, and accessible, it can’t be leveraged for analytics, planning, compliance or forensics.
Bradford Networks’ Network Sentry captures details about every connection to a network. It captures intelligence such as user, device type, connection point, endpoint compliance, connection time and disconnection time. This information is then uploaded to Network Sentry/Analytics where it is stored for a user customizable length of time. The cloud-based service is hosted at Amazon.com’s web services (a cloud-based infrastructure) delivering instant deployment, enterprise performance, and availability, and no infrastructure requirements.
With the growing number of devices on a network, the profile of devices is constantly changing and so is the overall security risk. Network analytics provide a new perspective, capturing long-term historical information that can leveraged to anticipate wireless capacity, identify shifts in mobile device usage, provide reports for compliance, and provide an audit trail of connections should a cyber-incident occur.
Organizations are struggling to understand the profile of devices and users connecting to their networks. With the continually increasing use of wireless, the diversity of mobile devices, and cyber criminals using vulnerable endpoints as the primary attack vector, IT Staff need 100% edge visibility to effectively manage risk, compliance, and capacity.
Network Sentry can establish edge visibility across up to 20,000 concurrent devices on local or remote network segments, using a single appliance which can be configured and deployed in a matter of hours. Using agentless technology, Network Sentry communicates directly with the wired and wireless infrastructure including switches, routers, controllers, and access points, and achieves full visibility at the network edge without the need to observe network traffic. Network Sentry provides detailed information for each connection made to the network including the user’s profile and device type.
Additional appliances and a manager-of-managers can be deployed to support more than 20,000 concurrent devices.