Before contacting our technical or product support, please go through our FAQ—answers to the frequently asked questions.
For macmon SDP we have compiled a separate FAQ.
Yes, macmon operates completely independent of the manufacturer. This means that all the SNMP manageable switches and routers can be controlled using macmon. Therefore we can completely cover even highly heterogeneous environments.
Yes, macmon can be used in hybrid operation. This means that only the MAC address is used for authentication in some areas and more properties are used in other areas, like e.g., the IP address, host name and operating system, and in still other areas, even certificates in conjunction with 802.1X.
Our requirements are minimal. It should be possible to manage the switches and routers using SNMP V1, V2c or V3 (read and write) or using SSH / Telnet.
Yes, the measure 2.216 of the basic BSI baseline security catalog* and of Article 9.1.2 and 13.1.3 (german) of the ISO 27001:2015-03 standard ("Automatic equipment identification should be considered as a means to authenticate connections from specific locations and equipment") can be completely covered.
*The installation and use of unapproved IT components should be prohibited and the compliance with this prohibition should be checked regularly.
macmon can considerably simplify the implementation and administration of 802.1X. The implementation is often made possible through macmon by using its own RADIUS server, a simple web GUI and covering even areas that are not 802.1X-compliant. Additional features like VLAN management or event-based responses are impossible or very difficult without the support of macmon.
Yes, the standard can be used with certificates as well as with MAC addresses (MAB Mac Authentication Bypass) or username and password. macmon can therefore use other authentication options than the certificate. Additionally, there is the possibility to cover network areas, which are not able to use the 802.1X standard through the macmon mixed mode. Those areas can then switch to 802.1X gradually, related to modernizing the systems "step by step".
Another option used by many of our customers is to connect to the ActiveDirectoy to use the existing AD device accounts for secure authentication. This provides a significant increase in security compared to the use of MAC addresses.
macmon is modularly designed and can be licensed in different ways. The basis is the number of MAC addresses (nodes) to be authenticated.
You have several options for working with macmon. The virtual appliance can be quickly integrated with VMWare or HyperV and can be used directly. Alternatively, you can obtain a machine from us or your system vendor. You can obtain the necessary trial license also directly from your partner or from us.
macmon is sold only indirectly across the world. This means that the solution cannot be purchased directly from macmon secure GmbH, but through one of our partners, who also provide support for testing, licensing and implementing the solution. As a partner you can purchase our products and services through our Value Added Distributor.
You always have at least two options when you need help and support. The sales partner, through whom you purchased macmon, provides support and already knows your environment. In addition, you always have the option to contact us directly. Our support team is based in Berlin and can be reached by phone and email during our business hours.
The team of German developers based in Berlin is constantly expanding macmon and creating new possibilities. New standards, new research results, etc. are continuously and as promptly as possible incorporated into the further development of the software. In addition, integrations with products from other vendors are constantly being created, which allows a powerful integration with the existing environment.
macmon is available as a physical and virtual appliance for VMware and HyperV. Hence, you do not need to provide or maintain any operating system from your side. The operating systems of the systems to be authenticated do not matter, because our technologies are based on underlying industry standards and macmon also works without an agent.
For smaller companies, macmon offers the NAC smart solution which is available as a complete turnkey package including the implementation.
Beyond the NAC features—and usually even before using NAC—this is one of the core functionalities of macmon. Monitoring can be done for the whole network or just parts of it, resulting in alarms or logs, or even passing the data to a SIEM solution.
Dynamic VLAN management is not only suitable for automating existing VLAN concepts, but also for introducing new concepts. By simply categorizing the endpoints on the macmon WebGUI, the VLAN can be assigned automatically.
Due to the continuous overview of the network, macmon also has an up-to-date status of the existing devices. The systems can be complemented with additional information to manage them directly in macmon, or they can be easily synchronized by linking them to another asset management system, which can provide a solid upgrade to an existing inventory solution.
The WebGUI of macmon NAC offers comprehensive system reports on endpoints, network devices, interfaces, VLANs, authentications, monitoring data and events. In addition, custom reports can be created and all information can also be retrieved via the REST API.
The specially created module Past Viewer offers the possibility to store connection data in a separate database for a long time. This way forensic analyses can be made at any time, but also impact analyses for planned maintenance work on the network are of enormous help.
The scalable architecture of macmon NAC offers the possibility to operate and centrally manage a whole group of servers instead of just one central server. Thus, high-availability concepts for effective NAC strategies can be implemented. The performance of macmon NAC can be expanded in parallel but also by resources within a central system in such a way that distributed structures can also be covered by a single system. The optimal strategy depends on your expectations and goals and we will be happy to discuss it with you personally.
Yes, macmon secure offers Network Access Control as a service for this purpose, whereby the service is provided by certified and experienced Managed Service Providers (MSPs). macmon provides various supporting tools and assistance, so that MSPs can offer a high level of service.