Next Generation Network Access Control: Here Now
Control access to your network and data by context and policy controls
Context Aware Access Control
So, why is identity-based access control part of your industry adherence to regulatory compliance and network security?
Internal users can not be trusted with sensitive information, attackers often access corporate resource via softer targets such as employees and privilege users through techniques such as phishing, spyware, hacking – to gain enough information about the employees identity or access credentials that they can again some or all access to your crown jewels (data).
Our solutions address every security requirement across the complete mix of Windows, Linux and UNIX environments.
| >
Contextual Access Control > Policy Enforcement Gateway > Identity Governance |
>
User Identity Lifecycle Management > Application Access Control |
Who, What, Where, When, How
Who, what device, where they are located, time of day, and specific check of their device status.
Before presenting any users with visibility of applications or access to data, systems performs a number of reconnaissance checks:
> Who
> Where
- (Geographic: identifying between locally and remotely authenticated user accounts)
- Certificate properties - validity, expiration, and whether they are self-signed or have been issued by a Certificate Authority listed in a block list.
- Device OS
- Device patch level
- Time of day
- Context-aware enables access to be granted based on user-specific variables, including user, location, device and role.
> Automate policy-based dynamic user access
> Block access and visibility to everything, except what users are allowed to access by policy / context rules. Further rules applied to what actions can be perform with specific sensitive data.
> Centralised Management
Centrally configure and manage context-based user access automatically; deny or limit access based on criteria, such as: user, device, and geography / location, time, ensuring compliance with your data governance policies and saving time and inconvenience for any user or administration intervention.
Centralising the management of network, application and data access across on-premise, private and public cloud platforms - break down SaaS data silos and increases user productivity.
> Policy-based solutions minimise user interaction
Enables administrators to simplify and secure remote and local network, cloud, and application access for end users by configuring policies that automatically enable the appropriate network or cloud connection - with no user interaction required.
> Make your infrastructure invisible
SecureNet Consulting are delivering the next generation of security for today’s global and distributed business, without requiring a huge investment in order to achieve scalable, one-to-many security.
Traditionally networking technologies and IT departments approached access gateways (edge and internal network switches) starting with the premise of unlimited access, and then locking down the exploding number of applications on a case-by-case basis. This has been proven to no longer work. Sony, eBay and others have paid a heavy price when compromised credentials subsequently allowed access to valuable applications and data.
The best approach surely is to make the entire infrastructure invisible, and then deliver access when the user and device are authenticated - only for that specific session.
Utilising context-based checks (including device, location, time, group, configuration and more) - policies dynamically define access to applications. This secure access solution does not depend on a traditional network perimeter model or require specific hardware, it can be used across cloud and hybrid environments by leveraging software defined virtualisation techniques.
+44(0)7714 209927
| 
info@securenetconsulting.co.uk
|