PERFORMANCE & COST-EFFECTIVE ENTERPRISE LAN
Networks secures enterprise LANs with a purpose-built
system that preserves data integrity, ensures network
availability and supports regulatory compliance
initiatives at compelling price/performance levels.
ConSentry's solution leverages a breakthrough, patent-pending
silicon architecture that allows continuous identification
of all LAN traffic and enforces user access to authorized
resources and applications at wire-speed, in real-time.
Enterprise LANs today involve more than just connectivity
with contractors, insiders and guests all requiring
access to the LAN. It's now about securing the LAN.
ConSentry's platform affordably delivers LAN security
with the performance and simplicity required to
make it viable to deploy.
Performance: The Power of the LANShield·Silicon
Enterprise LANs have performance requirements that
are orders of magnitude greater than WAN links.
Today's wiring closet switches have gigabit, and
often multi-gigabit links up to the core or aggregation
layer. Only ConSentry's patent-pending LANShield
silicon architecture is capable of delivering breakthrough
secure processing throughput and the flow acceleration
needed to fully visualize and control LAN-based
communications. ConSentry's platform enables deep
packet inspection at 10 Gbps throughput on user
and network core traffic.
Innovation in the LAN: Building User and
Application Control into the Network Fabric
The ConSentry platform binds a user name to an IP
and MAC address as the user authenticates to the
LAN. Once bound, this user information is tracked
and utilized for policy enforcement, authorization
and reporting on a per user basis.
Most traditional security devices can only inspect
and control traffic up to layer 4, which means web-based
applications which tunnel under port 80 and LAN-based
applications which create their own internal layer
4 port identifiers are not visible and can't be
controlled. For this reason relying only on layer
2-4 data is insufficient to control and understand
traffic. ConSentry's platform classifies traffic
up to layer 7 for each new flow enabling robust
Transparent Security & Seamless Network Integration
Securing the LAN should not mean replacing the LAN.
Rather, solutions must leverage the existing installed
network equipment. LAN-based security solutions
must integrate with existing authentication, identity
management and host integrity systems. The ConSentry
platform does exactly that, as a transparent bridge
between the wiring closet switches and core/aggregation
switch layer. Deploying seamlessly into an infrastructure,
ConSentry leverages LAN investments.
Any LAN security solution needs be as simple to
manage as existing switches. Solutions should not
require complex security event managers to correlate,
rather should provide user-based, violation indexed
reporting to allow IT to take immediate action when
a security incident arises. The ConSentry management
platform provides IT staff with a centralized, easy-to-use
and actionable control panel for a uniform view
of user activity and incidents across the LAN.
Networks is poised to significantly impact the Security
Policy Enforcement landscape. Examples of the application
relevance of the ConSentry solution are characterized
PCI Data Security Standard
- The ConSentry Alternative
Control Tech Brief
learn more about the viability of ConSentry, please
or direct request.