Solutions 2018-04-18T09:57:58+00:00

The highest levels of IT security, availability, and resilience

Cyber threats in today’s enterprises are focused on multiple attack surfaces across the entire range of network-connected devices. This trend is expected to continue and increase exponentially in the years immediately ahead and IP-enabled devices remain a major cybersecurity point of vulnerability.

So Genians has reimagined Network Access Control to maximize network security and IT operational effectiveness by leveraging its unique Device Platform Intelligence technology

Genians NAC solution performs compliance checks smartly to ensure that all connected devices are automatically identified, classified, authorized, and given policy-based access control to ensure the highest levels of IT security, availability, and resilience.

Network Surveillance

Genians NAC solution illuminates everything on your network in real-time using non-disruptive sensing technology and organizes identified people and IP-enabled devices into logical groups based on your business requirements. Genians runs an extensive database that maintains a wide range of network-enabled device platforms including IT/OT devices such as medical devices, SCADA, PLC, and any IP-enabled sensors.

Monitoring

  • Detect devices in real-time by using Layer 2 based Network Sensors
  • Monitor wireless packets by using Wireless Sensors or Agents
  • Discover Switch Port information

Managing

  • Identify device information (Who, What, Where, When, How)
  • Classify them using over 500 conditions
  • Manage them through personalized dashboards

Securing

  • Detect unknown, rogue, misconfigured devices
  • Detect threats
  • Check compliance status continuously

Device Platform Intelligence

Genians can provide the device intelligence needed to go beyond mere device fingerprinting. It provides detailed technical and business contextual information for all IP-enabled devices holistically. This includes contextual information (What, Who, When, Where, How) about the device platform as well as business context information like the status of manufacturer/vendor (out of business, acquired by), the support status of a device (EOL/EOS), and related news.

Accurate Device Platform Detection

  • Manufacturer + Name + Model
  • Expand visibility into IT/OT convergence IoT, ICS, FAB, SCADA

Rich Information

  • Product information webpage URL
  • Google search link
  • Device networks connection type (wired, wireless)

Visualization

  • Provide actual device picture
  • Easy to recognize

Business Information

  • Product end of life (EOL)
  • Product end of support (EOS)
  • Manufacturer Out of Business
  • Manufacturer Acquisition
  • Manufacturer Location (Country)
  • Manufacturer Homepage

Visit www.genians.com/device-platform-intelligence to find out more details about the devices present on your network.

Empower IT Asset Management

Since Genians NAC solution can provide you with extremely accurate IT asset identification/classification based on our robust Device Platform Intelligence database (20,000+ device profiling “signatures”), you can significantly enhance your IT asset inventory.

Network Access Control

Genians NAC solution enforces IT security policies dynamically using contextual information (What, Who, When, Where, How) to quarantine any non-compliant devices and remediate them to be compliant through automated processes.

Respond immediately

  • Condition-based grouping (Over 500 predefined conditions)
  • Policy assignment based on the status change of endpoint compliance
  • End-to-end access control

Multi-layered Enforcement

  • Layer 2: ARP Poisoning (using Network Sensor)
  • Layer 3: TCP reset (using Mirror Sensor)
  • Layer 3: Inline enforcer (Dual-homed Gateway)
  • Agent: NIC/Power Control, Alert Popup
  • 802.1x: Built-in RADIUS server
  • DHCP: Built-in DHCP server
  • Integration: Firewall, Switch port shutdown (SNMP)

Mobile, BYOD, Guest

In the hyper-connected world of the Internet of Things (IoT), organizations are grappling with implementing Bring Your Own Device (BYOD) initiatives to deal with the rapidly evolving and increasingly complex tsunami of mobile devices, from laptops and tablets to other smart ”Things”, such as phones, watches, cars and more. Genian NAC can provide flexible and secure network access, wherever you are located, and for whatever devices you bring to the network.

Onboarding process

  • Check user authentication and device compliance status
  • Guide users to meet compliance (Self-service process)
  • Provide role-based access control

Secure access request

  • Captive Web Portal service
  • Built-in RADIUS server (802.1x)
  • User authentication (AD, local DB, RDBMS, Google G-Suite)
  • Request approval system (Device, IP, User, Peripherals)

IP Address Management (IPAM)

Through our intuitive IP matrix interface (Class C Subnet mask), see how many IP addresses are being used and available, which IP’s are assigned via DHCP, which are reserved, and more.

Monitoring

  • See the usage of IP address for each network segment
  • Identify who/what device connecting to an IP address
  • Monitor the change of IP addresses

Comprehensive IP Management

  • Built-in DHCP Server
  • IP Address (Allow, Deny, Lease, Assign)
  • IP Conflict / Change Prevention

Switch Port Management

See how many devices are connected to specific ports, their connection status, port-level security, 802.1x information, traffic, utilization and more. Using 802.1x port-based access control, control any ports connected to non-compliant devices.

Monitoring

  • Identify how many devices are connected to specific ports
  • Check the authentication status of connected devices
  • Monitor Switch port status (Up/down, Security, 802.1x, VLAN, etc.)

Port Managment

  • Switch and Port Description
  • Administratively Down
  • Discover Top 10 Switch Port Traffics

WLAN Security

Genians’ Network Sensor has the capability of scanning all SSIDs in your network and identifying who connects to which SSIDs, capturing not only your organization’s APs but also neighboring APs and controlling what is connecting to those APs. You can allow or deny Wifi-enabled devices accessing different SSIDs based on their policy compliance by groups, such as Authorized AP, Rogue AP, Misconfigured AP, Tethering device, and more.

WLAN Monitoring

  • Detect SSIDs by Wireless Sensor or Agent
  • Discover all connected wireless devices per SSIDs
  • Discover where SSIDs are located
  • Detect APs connected to corporate networks

WLAN Compliance

  • Detect non-compliant wireless devices (APs, mobile devices)
  • Detect rogue and misconfigured APs
  • Detect hidden APs and softAPs

Wireless Connection Manager

  • Manage wireless connection profile
  • Disable SoftAP
  • Provide a single-click wireless connection service
  • Allow connections only to authorized APs
  • 802.1x supplicant plugin (EAP-GTC)

Endpoint Security

Manage all desktop configurations, applications, OS Updates, peripheral devices, wireless connections and more. Standardize the configuration of corporate-owned devices automatically and control them remotely.

  • Change Computer Name
  • Check Password Validation
  • Collect System Information Using WMI
  • Configure Windows Security Settings
  • Control OS Updates (Works for the isolated network)
  • Configure 802.1X Wired Authentication Profile Settings
  • Control Antivirus Software Settings
  • Control DNS
  • Control External Devices (e.g. USB, Printer)
  • Control Internet Explorer Security Settings
  • Control Network Folder Sharing / Interface / Traffic
  • Control Power Options, Screen Lock
  • Provide Wireless Connection Manager (Zero configuration)
  • Control WLAN
  • Deploy Files
  • Inspect TCP Connections
  • Manage ARP Table
  • Install / Remove software
  • Run Scripts
  • Terminate Processes

IT Security Automation

Genian NAC integrates a wide range of IT security and business solutions (Firewall, IDS/IPS, VM, MDM, SIEM, APT, DLP, CRM/ERP, etc.) into each enterprise’s Policy Server to ensure unified policy enforcement. Genian NAC supports custom integration using Syslog, Webhook, REST API, and Syslog.

Perimeter Security System

  • Give: IP-User information for user-aware policy
  • Take: Receive Infected Endpoint IP or MAC then quarantine it
  • Next-gen Firewall

Threat Detection System

  • Give: IP information (user, history, platform.)
  • Take: Receive Infected Endpoint IP or MAC than quarantine it
  • ATP, EDR

Enterprise Mobility Management

  • Block mobile devices if EMM agent is not installed

SIEM

  • Provide IP device information
  • Provide Endpoint information