Isolate Dangerous Devices
Automated Enforcement of the Central Company and IT Security Guidelines!
In addition to the network access control, detailed monitoring of the authorized systems with respect to compliance with the security guidelines is increasingly important. In many situations, "small security breaches" are adequate to provide easily accessible points of attack. Permanent monitoring of the "compliance status" and automated enforcement of guidelines is thus indispensable. As a specialist for network access control, macmon secure is aware of this requirement. With macmon compliance, macmon is the first manufacturer to offer the option to use multiple, connectable components in order to effectively enforce the company guidelines.
The decisive factor here is that 99% of the companies already use systems that are capable of ascertaining the compliance status of the endpoints and informing the administrators about any discrepancies. However, almost all of them commonly require manual enforcement of the guidelines or the enforcement is reactive at best.
Here, macmon Network Access Control solution offers the required, decisive support: The macmon compliance add on module includes four different components: Depending on the requirements, the compliance status can be received from external sources, actively solicited through connection to external databases or actively determined by macmon agents. Additionally, macmon can use events from the integrated IF-MAP technology.
Open interface to any manufacturer independent sources
Smartly use of any, manufacturer independent sources to transfer the compliance status of an endpoint to macmon. Connection of multiple and different sources is also easily possible at the same time.
macmon´s Own Antivirus Connector
Enables you to connect to leading antivirus systems such as Kaspersky®, Sophos®, Symantec®, McAfee®, G-Data®, F-Secure® or TrendMicro®, in order to be able to automatically react to critical events without necessitating configurations in the antivirus management tool itself.
macmon's Own Compliance Agent
That are managed centrally using the macmon GUI. If a solution has only been partially implemented for monitoring the compliance of the endpoints with the guidelines or if no solution has been found for the same, the macmon agent is used.
Using this, participating products can publish their status on the network, while macmon can also respond to corresponding messages and in turn isolate threat generating systems from the network. More you can find at www.esukom.de
Regardless of which of the four components are used: Endpoints classified as unsafe are automatically isolated according to the applicable rules and moved to a quarantine VLAN or even a remediation VLAN to update their security statuses in this protected environment. After updating successfully, the systems are immediately re-assigned to their original environment in the network.