SUBSTANTIAL TECHNOLOGY PARTNERSHIPS FOR YOUR SOLID SECURITY
Connect reliable macmon Network Access Control (NAC) with leading security solutions and profit from real benefits!
Our in-house developed NAC solution is not only the answer to ideally protect your network against unauthorized access, but our product also offers a way to seamlessly integrate with other security solutions. We differentiate between integrations with endpoint compliance platforms, whole infrastructures, asset management systems and identity stores, whereas asset management systems and identity stores can be bidirectional inte-grations. Some vendors offer more than just one integration of different types, but to identify which is the right one for you we classified them this way. Below you will find our long-term partnerships with leading technology brands - if your preferred brand is not on the list, talk to us so we can evaluate a potential integration. Take advantage of this opportunity and profit from our sophisticated interface to meet your high standards. Make use of this advantage and get true benefits from our product integrations.
Technology partnerships
macmon NAC reads ARP information from Allied Telesis network switches and enables macmon NAC to isolate or physically disconnect endpoints that are determined as non-compliant.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
Barracuda CloudGen Firewalls include full next-generation security paired with all network optimization and management functionality today known as Secure SD-WAN. The integration with macmon expands the protection on the corporate network at any entry point against unauthorized access, malware, Advanced Persistent Threats and detection of bot-controlled endpoint devices immediately at the gateway.
Your added value: While macmon gathers ARP information from all devices on the network and enforces policies at the MAC level, Barracuda CloudGen Firewalls with Advanced Threat Protection and Botnet detection sends macmon live updates on identified threats at the client. Subsequently affected endpoint devices can be either automatically disconnected from the network or moved to a quarantine segment. At the same time, macmon reports information on detected endpoints, allowing enforcement of appropriate security policies with Barracuda CloudGen Firewall. Communication policies that apply between two network segments, are not only segment based anymore, but also endpoint group based. Group member lists are continuously being maintained through macmon’s active endpoint discovery, which leads to your communication policies always being up to date. Guest devices are also being separated from the rest of the network by the Barracuda CloudGen Firewall. Read more
Integration requires the macmon Premium Bundle.
Download Datasheet Barracuda CloudGen Firewalls & macmon
Download white paper Barracuda CloudGen Firewall
The BlueCat IP Address Management (IPAM) solution offers unified mobile security, address management, automation and self-services. The interface of BlueCat enables the import of DHCP data, DHCP leases in par-ticular.
This information is being fed into macmon and complements the endpoint data collection, including DHCP hostnames and IP data. Among other things, this improves the detection of ARP spoofing attacks and hence the protection against them.
Check Point Identity Awareness provides the ability to apply firewall policies based on the properties of an identity. In addition to the classic use of a firewall at the gateway, this option, together with the many details provided by macmon NAC, offers completely new possibilities for effective network segmentation. While previously rules were defined very "fuzzy" per segment and maintenance per device was too complex, the seamless integration of macmon NAC now maintains these granular rules completely automatically.
Your added value: The integration of macmon secure and Check Point is delivered conceptually ready to take into account all daily workflows as well as the lifecycle of the end devices. Devices are logged on and off when entering and leaving the network. Changes due to relocation, long runtimes, changes of properties such as IP address, name or other details automatically lead to a respective update.
With INDART Professional CONTECHNET offers a modular software solution for creating and maintaining a complete IT emergency planning.
Your added value: Thanks to the integration of INDART Professional®, relevant data is continously fetched from routers, switches and servers by macmon. The emergency reference list is always kept up-to-date. In case any of the registered systems becomes unreachable, or a new system shows up, appropriate action is requested as defined in the emergency documentation.
CLEARER from DECOIT® GmbH is able to quickly detect threats like malware in the corporate network. In CLEARER, detected threats or anomalies are recorded in the form of incidents and transferred to macmon NAC if configured. The combination of CLEARER and macmon NAC is a powerful combination of threat detection and isolation of affected endpoints.
Your added value: CLEARER collects information about your endpoints in the network and derives a compliance decision, which is enforced in the corporate network with the help of macmon NAC. The macmon web GUI provides a convenient overview of the compliance status of all endpoints and the CLEARER SIEM GUI provides additional details about the incident with recommendations for action.
Anomalies are reliably detected by CLEARER because the solution regularly queries macmon's endpoints inventory and can therefore differentiate between endpoints known and unknown in the network.
macmon NAC reads ARP information from Dell network switches and enables macmon NAC to isolate or physically disconnect endpoints that are determined as non-compliant.
EgoSecure is a market-leading vendor of data security solutions and protects organisations from data loss, malware and unauthorised devices, e. g. USB drives.
Your added value: The connection with EgoSecure enables the transmission of the compliance status of endpoint devices to macmon. Thus enables the disconnection of non-compliant devices from the network or their movement to a quarantine segment as well as transfering them back after their cure. Additionally, EgoSecure informs macmon straight away about any type of breach of compliance, for instance “unauthorised application executed” or “too much data copied to USB drive” and more.
ExtraHop is the global leader in real-time wire data analytics. The innovative approach of the ExtraHop Operational Intelligence platform provides the correlated, cross-tier visibility essential for application performance, availability, and security in today's complex and dynamic IT environments.
Your added value: By integrating with macmon, endpoints can be isolated from the network instantaneously, when - for example - an unusual activity takes place, like a large number login attempts in a short time period at a server or database, which is detected by ExtraHop.
Read the press realease for the technology alliance
Download Whitepaper ExtraHop macmon coupling
FireEye Network Security helps organizations of all sizes minimize the risk of costly breaches by accurately detecting and immediately stopping advanced, targeted and other evasive attacks hiding in Internet traffic. At the core of FireEye Network Security is the Multi-Vector Virtual Execution™ (MVX) and Intelligence-Driven Analysis (IDA) technologies. MVX is a signature-less, dynamic analysis engine that inspects suspicious objects to identify targeted, evasive and unknown threats. The IDA engines detect and block malicious objects based on machine-, attacker- and victim-intelligence.
F-Secure is one of the leading providers of endpoint security and especially anti-malware solutions.
Their added value: The direct line between the development departments ensures that the different versions are compatible with each other and that macmon can react quickly and specifically to events from F-Secure, such as critical virus detections, using the AntiVirus Connector. In addition, macmon NAC cyclically determines the age of the virus signatures of all known end devices and classifies them as "Compliant" or "Non-Compliant" based on this information. In addition to the complete overview of the compliance status, devices with outdated signatures can be automatically moved to quarantine.
As a user of macmon NAC you do not only benefit from the high level of security the software establishes along with easy interaction and operation, as well as the deployment of intelligent technologies, but also from the interface’s capability to connect with other leading security solutions. Apart from the well-known Antivirus solutions, they also include Endpoint security, IT Emergency Management, Intrusion Detection or Prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event Man-agement (SIEM) and many more.
The Greenbone Security Manager (GSM) of Greenbone Networks identifies security gaps in corporate IT and evaluates their risk potential. In addition, the GSM recommends measures to remedy found vulnerabilities.
Your added value: macmon has new endpoints scanned for vulnerabilities by Greenbone Security Manager when they are connected to the corporate network and regularly analyzes the compliance status to protect your corporate network.
Hirschmann products are technology and market leaders in the field of industrial networks. As a specialist in automation and network technology, Hirschmann™ develops innovative solutions that are geared to customer requirements in terms of performance, efficiency and investment security.
Your added value: macmon NAC can use the integrated RADIUS Server to perform central user management and authorize users based on the configured policies.
Infoblox is a solution that provides network services such as DNS or DHCP in a simple manner. This combination is ideal, because the solution works universally with the same data that macmon uses for Network Access Control.
Your added value: Using the available open interfaces, it is possible to synchronise the databases with each other and to mirror the group memberships. The maintenance of system data such as MAC-addresses or IP-addresses only needs to be done in one place. Both Infoblox and macmon have corresponding automatisms that guarantee an effective and up-to-date overview.
MobileIron was acquired by Ivanti on 1 December 2020 and is now managed in the portfolio under ivanti Endpoint Manager Mobile (EPM mobile).
Your added value: The integration of Ivanti allows you to read out all managed mobile devices to make them known in the macmon NAC solution and either grant or deny them access on the network. The unique approach to mapping those devices enables you to link a Ivanti label to a group in macmon. You do not need to do any manual policy enforcement to control access on your network. At the same time, the compliancy status can also be transmitted and in case MobileIron identifies a device as non-compliant, macmon is going to isolate the device.
Download White paper Ivanti macmon integration
LANCOM Systems GmbH is the leading German manufacturer of network solutions for business customers and the public sector. LANCOM offers professional users secure, reliable, and future-proof infrastructure solutions for all local and multi-site networks (WAN, LAN, WLAN) as well as for central network management based on software-defined networking technologies (SD-WAN, SD-LAN, SD-WLAN).
Your added value: In the course of intensive collaboration, macmon NAC automatically detects all LANCOM devices and uses verified communication methods to identify all components including connected endpoints. NAC strategies can thus be implemented "out of the box" using both conventional network protocols such as SNMP and advanced techniques such as RADIUS-based 802.1X.
Download our white paper to get an example of how to configure a LANCOM switch and successfully implement NAC.
ManageEngine crafts comprehensive IT management software with a focus on making your job easier. ManageEngine’s 90+ products and free tools cover your IT needs: From network and device management to security and service desk software, they're bringing IT together for an integrated, overarching approach to optimize your IT.
Added value: macmon NAC analyzes Patch Manager Plus assets and Mobile Device Manager Plus assets. In both cases, macmon NAC provides a great overview on the compliance status of every corporate device on the network. And even more, a predefined policy could both isolate a non-compliant corporate device by moving it into a special network segment and notify the administrator in charge to have a look at it. Read more
Integrate macmon NAC into Matrix42 Asset Management and manage your endpoint devices from the Service Store.
The lmbit macmon connector for the Matrix42 Service Store allows to organize the management of macmon endpoints via Asset Management. The endpoint information of the macmon installation is automatically kept up to date via the REST API.
Download Datasheet macmon-Connector for Matrix42 Marketplace (German language version)
McAfee is one of the largest vendors of security solutions worldwide and offers with its ePolicy Orchestrator (ePO) a platform that lets you centrally manage various security solutions at once. When integrating with macmon Compliance, you can be alerted of nearly any event that may occur in McAfee. That way the endpoints that are deemed “non-compliant” will be moved to the appropriate network segment. Flexible policy enforce-ment allows you to react to each event individually.
Download white paper Integration of macmon Compliance Module with McAfee ePO
In addition, the Bücker IT Security Framework combines existing security components from McAfee and macmon's network access control, optimizing security measures proactively and without additional effort.
Download white paper macmon & McAfee & Bücker IT-Security Framework
Since 1993, MICROSENS GmbH & Co. KG has been standing for fiber optic solutions. As one of the pioneers of fiber optic transmission systems, the internationally active company covers all performance sectors of fiber optic technology. Starting with solutions for future-safe office networking and high-availability in rough environments, the product portfolio ranges over large-scale site networking and interconnection of computing centres up to high-performance Wide Area Networks (WANs).
In all these fields of application, MICROSENS provides and ensures efficient, fast, and secure data transfer. As an internationally successful manufacturer, MICROSENS distributes its products on a worldwide scale. In addition to the company headquarters in Hamm in Westphalia (Germany), MICROSENS also has sales subsidiaries in France and Poland to optimally fulfil the diverse requirements of its customers on-site. Since 2006, MICROSENS has been part of the euromicron company group, which focusses on network and optical fiber technologies applied in the IT industry.
Your added value: macmon NAC reads ARP information from Microsens network switches and enables macmon NAC to isolate or physically disconnect endpoints that are determined as non-compliant.
NCP is the German leading vendor of Remote Access VPN Solutions for high-security access on central based data and resources. Especially companies with a great number of professional mobile users or Industry 4.0 driven businesses benefit by getting their administration simplified with NCP’s Secure Enterprise Solution for professional Remote Access Networks.
Your added value: macmon is able to display the systems and users connected through the NCP VPN in a comprehensive overview. In case of an endpoint should be disconnected from the internal network because of a specific event (e.g. security breach, compliance offence etc.), macmon is able to enforce the NCP Gateway to drop the VPN connection actively. If desired, even a common whitelist of approved endpoints can be used – this ensures to only give network access to trusted endpoints by covering WLAN, LAN and VPN.
macmon NAC reads ARP information from Nexans network switches and enables macmon NAC to isolate or physically disconnect endpoints that are determined as non-compliant.
Phoenix Contacts looks back on 100 years of experience and is a specialist for connection and automation technology in the fields of traffic infrastructure, electro-mobility, renewable energies, intelligent supply networks and energy-efficient mechanical and plant engineering. The broad product portfolio includes network switches in many forms, such as unmanaged, intelligent or managed switches that implement various protocols and standards such as PROFINET, Ethernet or 802.1X.
Your added value:
With the integration of network switches from Phoenix Contact, you can conveniently read and set VLANs on the interface in macmon, block and unblock network interfaces or read the 802.1X status. The complete function overview can be found in the whitepaper.
Progress Flowmon Anomaly Detection System (ADS) is a security solution that uses machine learning to detect anomalies hidden in network traffic. It complements traditional security tools and creates a multi-layered protection system capable of detecting threats at any stage of compromise. Detectable attacks usually require immediate action, which is implemented in real time by the macmon Network Access Control solution.
Your added value: Through the direct coupling of the two systems and the associated automatable reaction to attacks and anomalies, infected machines and devices can be isolated immediately, even before a threat has to be identified in detail by security experts. The detection of malware communication or botnet activities of infected devices, as well as the uncovering of hidden data, are just three examples where a short response time is necessary to protect the corporate network as quickly as possible.
Restorepoint is a solution that you can backup and restore a variety of products with. You can chronologically archive their configuration and make your backups available again later.
Your added value: The deep integration of Restorepoint allows you to save the configuration and installation data of your macmon appliance. This process is automated and can be scheduled as well. On top of macmon’s own backup feature, that takes care of your scheduled backups in the background, Restorepoint centralises this approach and is especially useful and quick in unexpected crash scenarios.
The data that is created and managed in macmon NAC is a true treasure trove of data for project management. They immediately recognize when a new system appears in the network and can assign and evaluate it. Thus, users know which internal or external services are working with the systems and which requirements are placed on these systems, such as security requirements, data protection, ISMS, emergency relevance and risk management.
Your added value: The interface between macmon NAC and smart2project enables IT administrators to collect data on network components, integrate it into project management and monitor the impact on internal services and resources.
Watch the webcast macmon & smart2project (in german only)
Sophos evolves to meet every new challenge, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyber threats. Powered by SophosLabs, cloud-native and AI-enhanced solutions from Sophos are able to adapt and evolve to secure endpoints and networks against never-before-seen cybercriminal tactics and techniques.
Your added value: Sophos Intercept X is able to detect threats quickly and provide the threat status via Sophos Central. macmon regularly retrieves the health status from all endpoints in the network and displays it in the macmon user interface for a convenient overview. If the health status of an endpoint is not good, macmon can isolate this device from the network segment at short notice. This prevents malware from spreading over the network and infecting other resources in the network.
Splunk is the world's first Data-to-Everything Platform. Now organizations no longer need to worry about where their data is coming from, and they are free to focus on the business outcomes that data can deliver.
Your added value: Splunk processes compliance incidents and network session data reported by macmon and visualizes them in concise dashboards - in real time! This way you have a comfortable overview of your company network.
Sycope is a network monitoring tool using real-time flow analysis, enriched with business context to help businesses assess performance and protect IT in frastructure. lt records, processes and analyses all parameters contained in flows, enhanced by SNMP, geolocation and security feeds.
Your added value: Sycope provides a very complex mechanism to analyse network traffic and detect violations of security rules. The administrator can integrate Sycope with macmon to detect and actively manage violation of security rules.
Download White paper Sycope macmon integration
Tenfold offers a web-based portal that centrally manages users and their permissions.
Your added value: It manages the permission to register both employee and guest devices - or to deny their access - to the network. Combined with macmon’s guest/BYOD portal, these permissions are instantly available. When an Active Directory account becomes inactive, the corresponding endpoint device is also being locked out of the network.
Vectra is a global leader in AI for real-time detection and defense against cyber-attacks in cloud, data center and enterprise infrastructures. This involves helping security analysts perform conclusive incident investigations and AI-powered threat hunting.
In today's challenging data environments, comprehensive cyber attack detection and response is essential. Vectra is uniquely positioned to help you proactively find cyber attackers and reduce business risk.
A results-oriented cybersecurity requires a reliable partnership and this is what WithSecure offers. With experience and developments created over 30 years, the IT security company protects critical operations worldwide. These include the largest financial institutions, IT service providers, and MSSPs, among others.
Using AI-driven security, WithSecure provides endpoint and cloud collaboration protection. To minimize the damage of a cyberattack, the intelligent detection and response function is additionally supported by experts and technology providers.
Your added value: To ensure that an infected endpoint does not become the starting point for infecting the entire corporate network, WithSecure and macmon NAC work in close and powerful collaboration. The sophisticated engine of WithSecure Business Suite Premium offers a number of components to provide effective security locally on the end devices. By interfacing, macmon NAC can automatically respond to threats according to company policy. For example, a direct disconnection from the network or a move to a quarantine network. Learn how to pair the two programs in this white paper.
Palo Alto Networks is a global leader in cybersecurity whose pioneering technologies are setting the course for the cloud-centric future and modernising the way companies and their employees work from the ground up. In Palo Alto Cortex XDR, any threats or irregularities found are recorded in the form of incidents and made available for macmon NAC.
Your added value:
The combination of Palo Alto Cortex XDR and macmon NAC is a powerful combination of threat detection and isolation of affected endpoints.
Technology partnerships SDP
Swivel Secure is an industry-leading authentication solutions provider. Founded in 2001, Swivel Secure protects thousands of organizations in over 54 countries. Swivel's AuthControl provides multi-factor authentication (MFA) combined with single sign-on and authentication (SSO) for intelligent protection of cloud and on-premise architectures.
What added value does the combination with macmon SDP create?
By combining macmon SDP and Swivel AuthControl, access to cloud and on-premise solutions is even better protected. Zero Trust Network Access ensures that only authorized users on compliance-verified systems are allowed to access cloud and on-premise resources, while Swivel AuthControl protects logins to macmon SDP through multi-factor authentication and simplifies them through single sign-on. This improves and optimizes security and usability for secure access to corporate resources.
Learn in our whitepaper how easy Swivel AuthControl can be combined with macmon SDP.
Yubico has developed the YubiKey, a highly secure way to protect your online accounts on all your devices. With it, you can effectively protect yourself from cyber attacks. With FIDO 2, a security key pair consists of a public and a private key, ensuring strong authentication. Users can add security keys such as YubiKey to log in even more securely.
Your added value: Thanks to FIDO 2-based authentication, users can access cloud and corporate resources faster and more securely. Authentication can be easily enabled and disabled by both users and administrators. This provides additional protection and higher security when logging in to macmon SDP resources.
Interfaces
As a user of macmon NAC you do not only benefit from the high level of security the software establishes along with easy interaction and operation, as well as the deployment of intelligent technologies, but also from the interface’s capability to connect with other leading security solutions. Apart from the well-known Antivirus solutions, they also include Endpoint security, IT Emergency Management, Intrusion Detection or Prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event Man-agement (SIEM) and many more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
Asset Management
The bidirectional connection with asset management solutions, such as CMDBs, inventory, client management and other systems makes both the endpoint and network device information synchronize automatically. Depending on the given workflow either this third party solution or macmon NAC can be in the active role of communication, whereat macmon NAC is most likely to learn new endpoints first and then shares its knowledge.
Technology partnerships NAC
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
The BlueCat IP Address Management (IPAM) solution offers unified mobile security, address management, automation and self-services. The interface of BlueCat enables the import of DHCP data, DHCP leases in par-ticular.
This information is being fed into macmon and complements the endpoint data collection, including DHCP hostnames and IP data. Among other things, this improves the detection of ARP spoofing attacks and hence the protection against them.
With INDART Professional CONTECHNET offers a modular software solution for creating and maintaining a complete IT emergency planning.
Your added value: Thanks to the integration of INDART Professional®, relevant data is continously fetched from routers, switches and servers by macmon. The emergency reference list is always kept up-to-date. In case any of the registered systems becomes unreachable, or a new system shows up, appropriate action is requested as defined in the emergency documentation.
Infoblox is a solution that provides network services such as DNS or DHCP in a simple manner. This combination is ideal, because the solution works universally with the same data that macmon uses for Network Access Control.
Your added value: Using the available open interfaces, it is possible to synchronise the databases with each other and to mirror the group memberships. The maintenance of system data such as MAC-addresses or IP-addresses only needs to be done in one place. Both Infoblox and macmon have corresponding automatisms that guarantee an effective and up-to-date overview.
The data that is created and managed in macmon NAC is a true treasure trove of data for project management. They immediately recognize when a new system appears in the network and can assign and evaluate it. Thus, users know which internal or external services are working with the systems and which requirements are placed on these systems, such as security requirements, data protection, ISMS, emergency relevance and risk management.
Your added value: The interface between macmon NAC and smart2project enables IT administrators to collect data on network components, integrate it into project management and monitor the impact on internal services and resources.
Watch the webcast macmon & smart2project (in german only)
Integrate macmon NAC into Matrix42 Asset Management and manage your endpoint devices from the Service Store.
The lmbit macmon connector for the Matrix42 Service Store allows to organize the management of macmon endpoints via Asset Management. The endpoint information of the macmon installation is automatically kept up to date via the REST API.
Download Datasheet macmon-Connector for Matrix42 Marketplace (German language version)
Tenfold offers a web-based portal that centrally manages users and their permissions.
Your added value: It manages the permission to register both employee and guest devices - or to deny their access - to the network. Combined with macmon’s guest/BYOD portal, these permissions are instantly available. When an Active Directory account becomes inactive, the corresponding endpoint device is also being locked out of the network.
Vectra is a global leader in AI for real-time detection and defense against cyber-attacks in cloud, data center and enterprise infrastructures. This involves helping security analysts perform conclusive incident investigations and AI-powered threat hunting.
In today's challenging data environments, comprehensive cyber attack detection and response is essential. Vectra is uniquely positioned to help you proactively find cyber attackers and reduce business risk.
Interfaces
Compliance
If an existing solution found an endpoint on the network and determines a non-compliant state, that either stems from malware or originated on a botnet, it would pass this information on to macmon NAC. This message about the incident is going to contain the identity, the reason and the new compliance status. Other systems can also be updated on this new compliance status at the same time.
Technology partnerships NAC
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
Barracuda CloudGen Firewalls include full next-generation security paired with all network optimization and management functionality today known as Secure SD-WAN. The integration with macmon expands the protection on the corporate network at any entry point against unauthorized access, malware, Advanced Persistent Threats and detection of bot-controlled endpoint devices immediately at the gateway.
Your added value: While macmon gathers ARP information from all devices on the network and enforces policies at the MAC level, Barracuda CloudGen Firewalls with Advanced Threat Protection and Botnet detection sends macmon live updates on identified threats at the client. Subsequently affected endpoint devices can be either automatically disconnected from the network or moved to a quarantine segment. At the same time, macmon reports information on detected endpoints, allowing enforcement of appropriate security policies with Barracuda CloudGen Firewall. Communication policies that apply between two network segments, are not only segment based anymore, but also endpoint group based. Group member lists are continuously being maintained through macmon’s active endpoint discovery, which leads to your communication policies always being up to date. Guest devices are also being separated from the rest of the network by the Barracuda CloudGen Firewall. Read more
Integration requires the macmon Premium Bundle.
Download Datasheet Barracuda CloudGen Firewalls & macmon
Download white paper Barracuda CloudGen Firewall
CLEARER from DECOIT® GmbH is able to quickly detect threats like malware in the corporate network. In CLEARER, detected threats or anomalies are recorded in the form of incidents and transferred to macmon NAC if configured. The combination of CLEARER and macmon NAC is a powerful combination of threat detection and isolation of affected endpoints.
Your added value: CLEARER collects information about your endpoints in the network and derives a compliance decision, which is enforced in the corporate network with the help of macmon NAC. The macmon web GUI provides a convenient overview of the compliance status of all endpoints and the CLEARER SIEM GUI provides additional details about the incident with recommendations for action.
Anomalies are reliably detected by CLEARER because the solution regularly queries macmon's endpoints inventory and can therefore differentiate between endpoints known and unknown in the network.
EgoSecure is a market-leading vendor of data security solutions and protects organisations from data loss, malware and unauthorised devices, e. g. USB drives.
Your added value: The connection with EgoSecure enables the transmission of the compliance status of endpoint devices to macmon. Thus enables the disconnection of non-compliant devices from the network or their movement to a quarantine segment as well as transfering them back after their cure. Additionally, EgoSecure informs macmon straight away about any type of breach of compliance, for instance “unauthorised application executed” or “too much data copied to USB drive” and more.
ExtraHop is the global leader in real-time wire data analytics. The innovative approach of the ExtraHop Operational Intelligence platform provides the correlated, cross-tier visibility essential for application performance, availability, and security in today's complex and dynamic IT environments.
Your added value: By integrating with macmon, endpoints can be isolated from the network instantaneously, when - for example - an unusual activity takes place, like a large number login attempts in a short time period at a server or database, which is detected by ExtraHop.
Read the press realease for the technology alliance
Download Whitepaper ExtraHop macmon coupling
FireEye Network Security helps organizations of all sizes minimize the risk of costly breaches by accurately detecting and immediately stopping advanced, targeted and other evasive attacks hiding in Internet traffic. At the core of FireEye Network Security is the Multi-Vector Virtual Execution™ (MVX) and Intelligence-Driven Analysis (IDA) technologies. MVX is a signature-less, dynamic analysis engine that inspects suspicious objects to identify targeted, evasive and unknown threats. The IDA engines detect and block malicious objects based on machine-, attacker- and victim-intelligence.
Progress Flowmon Anomaly Detection System (ADS) is a security solution that uses machine learning to detect anomalies hidden in network traffic. It complements traditional security tools and creates a multi-layered protection system capable of detecting threats at any stage of compromise. Detectable attacks usually require immediate action, which is implemented in real time by the macmon Network Access Control solution.
Your added value: Through the direct coupling of the two systems and the associated automatable reaction to attacks and anomalies, infected machines and devices can be isolated immediately, even before a threat has to be identified in detail by security experts. The detection of malware communication or botnet activities of infected devices, as well as the uncovering of hidden data, are just three examples where a short response time is necessary to protect the corporate network as quickly as possible.
F-Secure is one of the leading providers of endpoint security and especially anti-malware solutions.
Their added value: The direct line between the development departments ensures that the different versions are compatible with each other and that macmon can react quickly and specifically to events from F-Secure, such as critical virus detections, using the AntiVirus Connector. In addition, macmon NAC cyclically determines the age of the virus signatures of all known end devices and classifies them as "Compliant" or "Non-Compliant" based on this information. In addition to the complete overview of the compliance status, devices with outdated signatures can be automatically moved to quarantine.
As a user of macmon NAC you do not only benefit from the high level of security the software establishes along with easy interaction and operation, as well as the deployment of intelligent technologies, but also from the interface’s capability to connect with other leading security solutions. Apart from the well-known Antivirus solutions, they also include Endpoint security, IT Emergency Management, Intrusion Detection or Prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event Man-agement (SIEM) and many more.
The Greenbone Security Manager (GSM) of Greenbone Networks identifies security gaps in corporate IT and evaluates their risk potential. In addition, the GSM recommends measures to remedy found vulnerabilities.
Your added value: macmon has new endpoints scanned for vulnerabilities by Greenbone Security Manager when they are connected to the corporate network and regularly analyzes the compliance status to protect your corporate network.
ManageEngine crafts comprehensive IT management software with a focus on making your job easier. ManageEngine’s 90+ products and free tools cover your IT needs: From network and device management to security and service desk software, they're bringing IT together for an integrated, overarching approach to optimize your IT.
Added value: macmon NAC analyzes Patch Manager Plus assets and Mobile Device Manager Plus assets. In both cases, macmon NAC provides a great overview on the compliance status of every corporate device on the network. And even more, a predefined policy could both isolate a non-compliant corporate device by moving it into a special network segment and notify the administrator in charge to have a look at it. Read more
McAfee is one of the largest vendors of security solutions worldwide and offers with its ePolicy Orchestrator (ePO) a platform that lets you centrally manage various security solutions at once. When integrating with macmon Compliance, you can be alerted of nearly any event that may occur in McAfee. That way the endpoints that are deemed “non-compliant” will be moved to the appropriate network segment. Flexible policy enforce-ment allows you to react to each event individually.
Download white paper Integration of macmon Compliance Module with McAfee ePO
In addition, the Bücker IT Security Framework combines existing security components from McAfee and macmon's network access control, optimizing security measures proactively and without additional effort.
Download white paper macmon & McAfee & Bücker IT-Security Framework
MobileIron was acquired by Ivanti on 1 December 2020 and is now managed in the portfolio under ivanti Endpoint Manager Mobile (EPM mobile).
Your added value: The integration of Ivanti allows you to read out all managed mobile devices to make them known in the macmon NAC solution and either grant or deny them access on the network. The unique approach to mapping those devices enables you to link a Ivanti label to a group in macmon. You do not need to do any manual policy enforcement to control access on your network. At the same time, the compliancy status can also be transmitted and in case MobileIron identifies a device as non-compliant, macmon is going to isolate the device.
Download White paper Ivanti macmon integration
Sycope is a network monitoring tool using real-time flow analysis, enriched with business context to help businesses assess performance and protect IT in frastructure. lt records, processes and analyses all parameters contained in flows, enhanced by SNMP, geolocation and security feeds.
Your added value: Sycope provides a very complex mechanism to analyse network traffic and detect violations of security rules. The administrator can integrate Sycope with macmon to detect and actively manage violation of security rules.
Download White paper Sycope macmon integration
Sophos evolves to meet every new challenge, protecting more than 400,000 organizations of all sizes in more than 150 countries from today’s most advanced cyber threats. Powered by SophosLabs, cloud-native and AI-enhanced solutions from Sophos are able to adapt and evolve to secure endpoints and networks against never-before-seen cybercriminal tactics and techniques.
Your added value: Sophos Intercept X is able to detect threats quickly and provide the threat status via Sophos Central. macmon regularly retrieves the health status from all endpoints in the network and displays it in the macmon user interface for a convenient overview. If the health status of an endpoint is not good, macmon can isolate this device from the network segment at short notice. This prevents malware from spreading over the network and infecting other resources in the network.
Interfaces
As a user of macmon NAC you do not only benefit from the high level of security the software establishes along with easy interaction and operation, as well as the deployment of intelligent technologies, but also from the interface’s capability to connect with other leading security solutions. Apart from the well-known Antivirus solutions, they also include Endpoint security, IT Emergency Management, Intrusion Detection or Prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event Man-agement (SIEM) and many more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
Identity integration
Already existing identity integrations on the network, such as mobile device management solutions, AD or LDAP services, SAML, RADIUS servers or other systems, could be used by macmon NAC to perform qualified authentications of endpoints. Uniquely authenticated identities and their respective current status can be passed on to third party solutions, such as firewalls and others.
Technology partnerships NAC
Barracuda CloudGen Firewalls include full next-generation security paired with all network optimization and management functionality today known as Secure SD-WAN. The integration with macmon expands the protection on the corporate network at any entry point against unauthorized access, malware, Advanced Persistent Threats and detection of bot-controlled endpoint devices immediately at the gateway.
Your added value: While macmon gathers ARP information from all devices on the network and enforces policies at the MAC level, Barracuda CloudGen Firewalls with Advanced Threat Protection and Botnet detection sends macmon live updates on identified threats at the client. Subsequently affected endpoint devices can be either automatically disconnected from the network or moved to a quarantine segment. At the same time, macmon reports information on detected endpoints, allowing enforcement of appropriate security policies with Barracuda CloudGen Firewall. Communication policies that apply between two network segments, are not only segment based anymore, but also endpoint group based. Group member lists are continuously being maintained through macmon’s active endpoint discovery, which leads to your communication policies always being up to date. Guest devices are also being separated from the rest of the network by the Barracuda CloudGen Firewall. Read more
Integration requires the macmon Premium Bundle.
Download Datasheet Barracuda CloudGen Firewalls & macmon
Download white paper Barracuda CloudGen Firewall
Check Point Identity Awareness provides the ability to apply firewall policies based on the properties of an identity. In addition to the classic use of a firewall at the gateway, this option, together with the many details provided by macmon NAC, offers completely new possibilities for effective network segmentation. While previously rules were defined very "fuzzy" per segment and maintenance per device was too complex, the seamless integration of macmon NAC now maintains these granular rules completely automatically.
Your added value: The integration of macmon secure and Check Point is delivered conceptually ready to take into account all daily workflows as well as the lifecycle of the end devices. Devices are logged on and off when entering and leaving the network. Changes due to relocation, long runtimes, changes of properties such as IP address, name or other details automatically lead to a respective update.
MobileIron was acquired by Ivanti on 1 December 2020 and is now managed in the portfolio under ivanti Endpoint Manager Mobile (EPM mobile).
Your added value: The integration of Ivanti allows you to read out all managed mobile devices to make them known in the macmon NAC solution and either grant or deny them access on the network. The unique approach to mapping those devices enables you to link a Ivanti label to a group in macmon. You do not need to do any manual policy enforcement to control access on your network. At the same time, the compliancy status can also be transmitted and in case MobileIron identifies a device as non-compliant, macmon is going to isolate the device.
Download White paper Ivanti macmon integration
NCP is the German leading vendor of Remote Access VPN Solutions for high-security access on central based data and resources. Especially companies with a great number of professional mobile users or Industry 4.0 driven businesses benefit by getting their administration simplified with NCP’s Secure Enterprise Solution for professional Remote Access Networks.
Your added value: macmon is able to display the systems and users connected through the NCP VPN in a comprehensive overview. In case of an endpoint should be disconnected from the internal network because of a specific event (e.g. security breach, compliance offence etc.), macmon is able to enforce the NCP Gateway to drop the VPN connection actively. If desired, even a common whitelist of approved endpoints can be used – this ensures to only give network access to trusted endpoints by covering WLAN, LAN and VPN.
Technology partnerships SDP
Swivel Secure is an industry-leading authentication solutions provider. Founded in 2001, Swivel Secure protects thousands of organizations in over 54 countries. Swivel's AuthControl provides multi-factor authentication (MFA) combined with single sign-on and authentication (SSO) for intelligent protection of cloud and on-premise architectures.
What added value does the combination with macmon SDP create?
By combining macmon SDP and Swivel AuthControl, access to cloud and on-premise solutions is even better protected. Zero Trust Network Access ensures that only authorized users on compliance-verified systems are allowed to access cloud and on-premise resources, while Swivel AuthControl protects logins to macmon SDP through multi-factor authentication and simplifies them through single sign-on. This improves and optimizes security and usability for secure access to corporate resources.
Learn in our whitepaper how easy Swivel AuthControl can be combined with macmon SDP.
Interfaces
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
As a user of macmon NAC you not only benefit from the high level security of the software along with easy handling and operation as well as the use of intelligent technologies, but also from the interface capability to other leading security products. Besides the common AntiVirus solutions, these include Endpoint security, IT emergency management, Intrusion Detection or prevention Systems (IDS/IPS), Asset Management Inventory, Security Incident & Event management (SIEM) and much more.
Infrastructure
macmon NAC learns about what devices are on the network by reading or receiving data of the network infrastructure . The development branch’s knowledge transfer with infrastructure manufacturers makes sure that this data is provided reliably and correctly for macmon NAC.
Technology partnerships NAC
macmon NAC reads ARP information from Allied Telesis network switches and enables macmon NAC to isolate or physically disconnect endpoints that are determined as non-compliant.
macmon NAC reads ARP information from Dell network switches and enables macmon NAC to isolate or physically disconnect endpoints that are determined as non-compliant.
Hirschmann products are technology and market leaders in the field of industrial networks. As a specialist in automation and network technology, Hirschmann™ develops innovative solutions that are geared to customer requirements in terms of performance, efficiency and investment security.
Your added value: macmon NAC can use the integrated RADIUS Server to perform central user management and authorize users based on the configured policies.
LANCOM Systems GmbH is the leading German manufacturer of network solutions for business customers and the public sector. LANCOM offers professional users secure, reliable, and future-proof infrastructure solutions for all local and multi-site networks (WAN, LAN, WLAN) as well as for central network management based on software-defined networking technologies (SD-WAN, SD-LAN, SD-WLAN).
Your added value: In the course of intensive collaboration, macmon NAC automatically detects all LANCOM devices and uses verified communication methods to identify all components including connected endpoints. NAC strategies can thus be implemented "out of the box" using both conventional network protocols such as SNMP and advanced techniques such as RADIUS-based 802.1X.
Download our white paper to get an example of how to configure a LANCOM switch and successfully implement NAC.
Since 1993, MICROSENS GmbH & Co. KG has been standing for fiber optic solutions. As one of the pioneers of fiber optic transmission systems, the internationally active company covers all performance sectors of fiber optic technology. Starting with solutions for future-safe office networking and high-availability in rough environments, the product portfolio ranges over large-scale site networking and interconnection of computing centres up to high-performance Wide Area Networks (WANs).
In all these fields of application, MICROSENS provides and ensures efficient, fast, and secure data transfer. As an internationally successful manufacturer, MICROSENS distributes its products on a worldwide scale. In addition to the company headquarters in Hamm in Westphalia (Germany), MICROSENS also has sales subsidiaries in France and Poland to optimally fulfil the diverse requirements of its customers on-site. Since 2006, MICROSENS has been part of the euromicron company group, which focusses on network and optical fiber technologies applied in the IT industry.
Your added value: macmon NAC reads ARP information from Microsens network switches and enables macmon NAC to isolate or physically disconnect endpoints that are determined as non-compliant.
macmon NAC reads ARP information from Nexans network switches and enables macmon NAC to isolate or physically disconnect endpoints that are determined as non-compliant.
Phoenix Contacts looks back on 100 years of experience and is a specialist for connection and automation technology in the fields of traffic infrastructure, electro-mobility, renewable energies, intelligent supply networks and energy-efficient mechanical and plant engineering. The broad product portfolio includes network switches in many forms, such as unmanaged, intelligent or managed switches that implement various protocols and standards such as PROFINET, Ethernet or 802.1X.
Your added value:
With the integration of network switches from Phoenix Contact, you can conveniently read and set VLANs on the interface in macmon, block and unblock network interfaces or read the 802.1X status. The complete function overview can be found in the whitepaper.
Restorepoint is a solution that you can backup and restore a variety of products with. You can chronologically archive their configuration and make your backups available again later.
Your added value: The deep integration of Restorepoint allows you to save the configuration and installation data of your macmon appliance. This process is automated and can be scheduled as well. On top of macmon’s own backup feature, that takes care of your scheduled backups in the background, Restorepoint centralises this approach and is especially useful and quick in unexpected crash scenarios.
Splunk is the world's first Data-to-Everything Platform. Now organizations no longer need to worry about where their data is coming from, and they are free to focus on the business outcomes that data can deliver.
Your added value: Splunk processes compliance incidents and network session data reported by macmon and visualizes them in concise dashboards - in real time! This way you have a comfortable overview of your company network.
Interfaces
Become a technology partner now
You would like to integrate your technology with the NAC solution from macmon secure?