With the version 5.15.0, macmon NAC has reached another milestone. In addition to several new and improved functionalities, the overall performance could be again significantly increased. The processing speed of large amounts of data, such as those found in DNS, network device detection and footprinting, benefits in particular from this.
In the optimized dashboard, you can now also see in detail the values of unauthorized devices in network status and macmon NAC assesses the situation. macmon NAC now also offers you the option of searching for IPv4 and IPv6 ranges using new and enhanced filter assistants or to use the AND or OR function more granularly. Furthermore, RADIUS authentication information has been enhanced in reporting and included in a RADIUS NAC report. Original logs are now listed under Auditing.
Scalability - the next step
In addition to various improvements and optimizations that have been coordinated with customers, you now have the opportunity to also implement NAC over SNMP with macmon satellites and thus also to implement decentralized NAC. The synchronization process was significantly accelerated and hardened against disturbances. Furthermore, detailed status messages provide more transparency about the synchronization and system status of the satellites.
Benefit from optimizing the integrity of our unique Past Viewer feature. Store and evaluate the history of endpoint sessionsin the network effectively. On the one hand, the collected information was supplemented by further details and the search for historical data was made more flexible. On the other hand, the storage can be ensured by additional buffers. This secures the data even if an externally used database is not available in the meantime.
macmon REST API
With a much wider range of functionalities, the macmon REST API now covers almost all areas of macmon NAC. Thus, the possibility to set manual links was added and the intelligent access to endpoints was extended. So not only the information about company devices, guest devices, and BYOD devices, but from now on about any other unknown/discovered devices are available. Last but not least, the API also enables guest management and Wake-On-LAN.
For logins to a network device, the macmon RADIUS server can now be used for authentication. For this purpose, a separate set of rules is available in macmon NAC, which makes access options manageable accordingly. The switch port layouts stored in the network device class can be configured and displayed graphically. These features are only available in conjunction with the separate Switch Viewer license.
Access VLANs configured on the switch ports can now be automatically adopted as terminal standard VLANs. Other VLAN concepts can be implemented flexibly, extending to parallel operation with other VLAN management solutions. By activities and on demand you will be informed by e-mail about the event ID and get with one click directly to the process.
More methods - more network diversity
Various new methods are included again to support the network device diversity. Take advantage of extended capabilities for SonicWall Firewalls, Cisco WLAN Controller 5500, and switches from HP (1910s), Ruckus, Extreme (Rail), Alcatel (Industrial), Enterasys and Moxa.
The creation and management of guests and vouchers via the macmon guest portal has been expanded and is now much more flexible. So you can now differentiate between usage duration and usage time range and renew vouchers earlier. In addition to texting, sending SMS to guests by extension or expiration of the usage duration is implemented. The portal page can now also be displayed in Spanish and Italian. The site now also offers an optimized display of details and messages for administrators and guests.
With the new integration of FireEye, endpoints that FireEye classifies as dangerous or infected are marked as "non-compliant" in macmon NAC and accordingly automatically isolated. The FireEye integration is activated via a configuration dialog and enables the reception and processing of status information of individual endpoints in the network. FireEye's messages are not configurable, so this new mechanism will translate and record the messages. This functionality requires the use of the Premium Bundle in conjunction with macmon Compliance.