Ensure Only Trusted Assets Access Network

  • Malware, Ransomware & Phishing Attack Prevention
  • Dynamic VLAN Assignment & Quarantining
  • Hardware & Software Agnostic
  • Agentless Security
  • Detect and Block Rogue Assets
  • Vulnerability Assessments
  • Non-inline. Plug Anywhere, Discover Everywhere

The “Trusted LAN” is too often overlooked as a critical area to secure. Given the proliferation of new devices and device types that have joined networks over the last five years, including virtual endpoints, BYOD devices and IoT assets, IT’s ability to identify and control this infrastructure has been significantly diminished. Clearly there is a compelling need to restore the “Trusted LAN”.

Netshield integrates with AD (Active Directory) to provide two functions. The first is authentication, so administrators can use their AD credentials to log in to Netshield. The second is tracking AD logins to devices: Netshield periodically queries the Domain Controller for logins and maps them to its list of managed assets. This helps identify which users logged into which devices.

Control Your Network

Gain control of your network, identify all assets and block those who don’t belong.

Defense against zero day malware, ransomware and phishing attacks

Agentlessly audit assets, identify Common Vulnerabilities and Exposures (CVE)

Netshield is a next generation network and mobility access control solution that delivers critical functionality to the security value chain. Gain visibility and control over your trusted and un-trusted network assets through dynamic control of fixed, mobile and virtual endpoints.

  • Agentless Security
  • Malware, Ransomware & Phishing Attack Prevention
  • Detect and Block Rogue Assets
  • Hardware & Software Agnostic
  • Non-inline, Plug Anywhere, Discover Everywhere

 

Hardware Appliance

NetSHIELD delivers a rich feature set of agentless network access control (NAC) and critical intranet security, an area that firewalls and AV solutions do not address and where 95% of today’s breaches occur.

Additionally, real-time quarantine of zero-hour malware and phishing attacks, MAC-spoof detection, TLD blocking, comprehensive auditing, vulnerability assessments, and compliance reporting and enforcement make this a comprehensive and compelling offering.

The NetSHIELD solution is available as a hardware appliance that scales from 25 to 10,000 protected assets per appliance. An embedded command center allows administrators to manage up to 1000 remote sites.

Non-Inline Appliance

Netshield is a Layer-2 NAC (Network Access Control) appliance that protects the network by allowing trusted devices while denying untrusted devices. It is non-inline and agentless and typically installs in thirty minutes. Operating at Layer-2 allows Netshield to see all devices connected to defined network segments. An initial discovery is performed using an ARP ping sweep to create a trusted baseline and provide the IT team visibility into all connected devices.

The Blocking Engine prevents untrusted devices from participating on the network by sending a small stream of traffic to the untrusted device, which prevents it from communicating. In addition, all of the other trusted devices are ARP poisoned so they cannot communicate with the untrusted device. Netshield also has SmartSwitch integration to tell the switch to shut off the port of an untrusted device or move it to a quarantine VLAN. Netshield communicates with the switch command line over SSH.

 

 

Assets

The Asset Detection Engine is enabled to identify all devices by listening to ARPs and ARP broadcasts. Additionally an ARP ping sweep is performed periodically to detect any additional devices. New devices discovered by the Asset Detection Engine will automatically be untrusted until allowed by the administrator.
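
As an added illustration of the baseline check described above (example code written for this page, not Netshield's own), the following Python parses Ethernet ARP frames, extracts the sender MAC and IP, and marks any MAC missing from the trusted baseline as untrusted. The `untrusted-ip-conflict` status, raised when an unknown MAC claims an IP held by a baselined asset, is an added check the page does not describe; all frames, MACs and addresses are constructed.

```python
import struct

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def parse_arp(frame):
    """Return (opcode, sender_mac, sender_ip) for an Ethernet/IPv4 ARP frame, else None."""
    if len(frame) < 42 or frame[12:14] != b"\x08\x06":  # 14-byte Ethernet + 28-byte ARP
        return None
    htype, ptype, hlen, plen, op = struct.unpack("!HHBBH", frame[14:22])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return op, mac_str(frame[22:28]), ".".join(map(str, frame[28:32]))

def build_frame(src_mac, src_ip, dst_ip, op=1):
    """Build a constructed ARP frame for the sample data (broadcast request by default)."""
    mac = bytes.fromhex(src_mac.replace(":", ""))
    arp = struct.pack("!HHBBH", 1, 0x0800, 6, 4, op) + mac + bytes(map(int, src_ip.split(".")))
    arp += b"\x00" * 6 + bytes(map(int, dst_ip.split(".")))
    return b"\xff" * 6 + mac + b"\x08\x06" + arp

def classify(frames, baseline):
    """baseline maps trusted MAC -> IP; returns {observed MAC: status}."""
    ip_owner = {ip: mac for mac, ip in baseline.items()}
    status = {}
    for frame in frames:
        parsed = parse_arp(frame)
        if parsed is None:
            continue  # not ARP, or truncated
        _, mac, ip = parsed
        if mac in baseline:
            status.setdefault(mac, "trusted")
        elif ip in ip_owner:
            status[mac] = "untrusted-ip-conflict"  # added check, not from the page
        else:
            status.setdefault(mac, "untrusted-new")  # untrusted until an admin allows it
    return status

# Constructed sample data: locally administered MACs, TEST-NET-1 addresses.
BASELINE = {"02:00:00:00:00:01": "192.0.2.10", "02:00:00:00:00:02": "192.0.2.11"}
SAMPLE_FRAMES = [
    build_frame("02:00:00:00:00:01", "192.0.2.10", "192.0.2.1"),  # baselined asset
    build_frame("02:00:00:00:00:99", "192.0.2.50", "192.0.2.1"),  # never seen before
    build_frame("02:00:00:00:00:66", "192.0.2.11", "192.0.2.1"),  # claims a baselined IP
    b"\x00" * 20,                                                 # truncated, ignored
]

if __name__ == "__main__":
    for mac, state in classify(SAMPLE_FRAMES, BASELINE).items():
        print(mac, state)
```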

Malware

The Malware Engine looks for connection attempts to known malware or phishing sites and will untrust and block the device making the attempt. The Monitor (MON) port of Netshield is connected to a mirror port of the uplink connection of the top level switch and looks at the destination of outbound requests. If a user clicks on a link in an email that takes them to a known bad web site, Netshield will untrust and block their PC. When the packets with the malicious payload come back to the network they will be dropped because the user’s PC is no longer on the network. 

Audit

Netshield has an Audit Engine that scans network devices for CVEs (Common Vulnerabilities and Exposures). It assumes the posture of a hacker inside the network and probes devices for open ports, vulnerable services, default logins and more.