Genians’ virtuous NAC triangle to secure the IoT era

In the current world of ever-increasing cyber threats, network managers face a common set of fundamental challenges on a daily basis. Keeping a network safe and secure from the very real and myriad cyber dangers that exist today requires several key capabilities: first, the ability to know exactly what devices are accessing the network at all times; second, the ability to control that access in real-time; and third, the ability to remediate or remove problematic devices immediately.

The need for these fundamental capabilities will be familiar to network operators. Indeed, cybersecurity vendors acknowledge these challenges as well. Yet what is equally clear is that managing network access successfully remains a key pain point for network administrators the world over. This is especially the case in legacy, heterogeneous network environments, where many of the devices and management tools in place are proprietary in nature (and sourced from multiple vendors), making it harder to achieve full visibility and control across the entire network.

Genians creates a cohesive ecosystem binding together the key elements of Network, Access, and Control

Genians’ NAC solution addresses this challenge head-on, using a fully integrated three-part architecture that focuses on visibility of users and devices, access control, and automated management, as indicated by the following diagram:

Genian NAC leverages the three “legs” of the triangle shown above to achieve and maintain network security compliance in a reliable and automated fashion. It begins this task by interrogating every device and user that attempts to connect to the network. It does so continuously, in real-time. Via the “Device Platform Intelligence” (DPI) technology at its core, Genians is able to identify all network-enabled devices, whether wired or wireless, and to provide a full array of information about each one of those devices. What kind of device is it? Who manufactured it? When does it go end-of-life? What is its IP address, its connected switch port, its associated VLAN, the state of its patch maintenance? Moreover, again via Genians’ DPI technology, it is able to do so in a vendor-agnostic manner, thus allowing full visibility into all network environments no matter which tech vendors’ switches, routers, or other appliances have been deployed.

With all of this information in hand, Genian NAC then assesses the compliance state of each device against the policies developed and maintained in a policy server (Cloud-managed or On-prem), again in real-time. This allows the solution to apply context-based network access for users and devices alike (as suggested by the left leg of the diagram). That is: it ensures that access is granted only for those users and devices that meet the specific policies in effect at the time of their attempted access. Finally, Genians’ use of automation extends beyond device identification to device remediation, ensuring that required device configuration and patch levels are in place by providing automated remediation – or removal – of all non-compliant devices found. Thus, we have the three legs of Genians’ “virtuous NAC triangle”: full visibility of all devices made possible by Device Platform Intelligence; full control of all user and device network access via automated policy management; fully automated remediation of non-compliant devices; and all of this working in fully vendor-agnostic mode to ensure safe and secure access to your network environment.