Network Access Control Addressing Today’s #1 Business Challenge for IT Security Professionals John Abraham Western Region Sales Engineer Sunday, April 12, 2015 © 2012 Bradford Networks. All rights reserved. Agenda • • • • • • Introductions Project Discussion Environment Review Product Overview Interface Presentation Q&A © 2012 Bradford Networks. All rights reserved. Milestones 3.5 Million Users & Devices Secured 900+ Customers 1 Million Users Secured 600+ 500 Suffield Academy 100 200 1 Bradford Software Bradford Networks Company founded as Incorporated as Bradford Software & Bradford Networks Consulting, LLC First commercial network security product shipped 1999 2002 © 2012 Bradford Networks. All rights reserved. 100 customers by 2004 200 customers by 2006 CRN Emerging Vendor 2007 Campus Forrester Wave Technology 2008 “Leader” Innovator 2008 Gartner Magic SC Magazine Quadrant 2009 Innovator 2008 “Visionary” SC Magazine Innovator 2007 Series A Funding 2004 2006 2007 3 2008 SC Magazine “Best Buy” 2009 & 2010 Forrester Wave 2011 “Leader” Gartner Magic Quadrant 2010 “Visionary” 2009 2010 2013 What We do CONTROL Solve Real-World Security Challenges Identify Identify every user and device on the network Validate Validate security posture of devices Notify Notify through automated alerts/messages Remediate Remediate non-compliant devices Enforce Dynamically enforce security policies Audit Log and report for regulatory compliance © 2012 Bradford Networks. All rights reserved. How We Do It Visibility & Control Executive ADAPTIVE NETWORK Integrate CorrelateSECURITY • Integrate with existing infrastructure PLATFORM Integrate Integrate Correlate Correlate Automate Automate • Identity Network • Discovery Adaptive • Posture • Control • Policy Platform • Remediation Security Adaptive Network Device Security Platform • Desktop • Network • Security Device Remediation State Engine Device Policy Engines Engine Engines Policy Engine Remediation Enforcement Remediation Policy Engine Enforcement • Correlate information • Automate processes • Adapt to changing conditions • Phased policy activation We call this “Adaptive Network Security” © 2012 Bradford Networks. All rights reserved. Out of Band Architecture 6 © 2012 Bradford Networks. All rights reserved. License Structure Wireless LAN Secure Mobility License Secure Enterprise License (Wireless LAN Only) (Wireless, Wired, VPN) Advanced Standard Advanced √ √ √ √ √ Wired LAN √ VPN Network Visibility √ √ √ Device Identity √ √ √ User Identity √ √ √ Provisioning √ √ √ Endpoint Compliance √ √ Third Party Integration √ √ Device Profiling √ √ Advanced Guest Management √ √ © 2012 Bradford Networks. All rights reserved. 7 Visibility and Automation © 2012 Bradford Networks. All rights reserved. 8 IDENTIFY • Network Environment • Wired and Wireless • All Points of Access MONITOR • All Network Connections • All Endpoint Devices • Ongoing Monitoring BASELINE • Users/Device Association • Endpoint Profiling • Endpoint Compliance NOTIFY • Rogue Connections • Policy Violations • Email, SMS/Text ENFORCE • Port Level Control • Multiple Mechanisms • Remediation Thank You © 2012 Bradford Networks. All rights reserved.