• Home
• Solution Center
  • Architecture Overview
  • Security & Compliance Plans
  • Solution Briefs
  • Request Demo or Quote
• Services
  • Services Overview
  • External Security
  • Internal Security
  • Support & Maintenance
• News & Events
  • News
  • Events
  • Event Sign-up
• Company
  • Contact Us
  • Careers
  • Partners

NAC On-Demand™ Managed Security Offering

"Network Access Control is the most revolutionary security technology since the invention of the firewall”

– Peter Bybee, President/CEO

 NAC On-Demand Data Sheet

Overview

NAC On-Demand™, powered by Mirage Networks is the security industry’s first and only full cycle managed NAC service.  The service is currently provided through Security On-Demand’s “Security-as-a-service” delivery platform, which speeds deployment, reduces management costs, and dramatically improves the solution ROI to the customer.

Solution Advantages

Our Security-as-a-Service business model and technology platform offers unique and significant advantages compared to the technology and staffing implementations of organizations that struggle to proactively maintain and manage security internally or through a consultant.

Key Business Benefits include the following:

• Full Cycle NAC Protection – Incorporates both “pre-connect” and “post-connect” into the solution thereby ensuring a comprehensive approach to network and endpoint protection

• Plan Flexibility – Ensures that you only pay for the level of management that you need and can afford.  Service plans range from Self-Serice to Fully Managed.

• Zero Cost – Hardware can be included as part of the solution or can be owned by the client, however we’ll full maintain, patch, update, and keep the systems current regardless.

• Simplify Your Security – The service can augment what you may already have or even replace multiple internal security layers, improving your security and making it easier to manage.

• Security Event & Incident Visibility - We provide a level of event transparency that is currently unparalleled in the industry.  You can access a secure web portal for up to the minute information on security events, triage actions, severity levels, open incidents being investigated, compliance reporting, etc.

In addition to being a standalone services offering, NAC On-Demand™ can be combined with other Security On-Demand™ managed security services, our solution offering provides the most comprehensive security protection and compliance management services available in the industry. 

Service Level Customization

Each NAC On-Demand™ Service plan, whether EndPoint Security or Network Protection has multiple service levels (Bronze, Silver, Gold, & Platinum).  Selecting the right service plan(s) and  level depends on what the security goals and risks are are for your organization. 

We have carefully developed each service offering and plan level to address security risks that you are likely facing in your own environment.  Questions regarding your security goals typically include the following:

• What are your oranizations security goals?  What kinds of security policies do you want to enforce?
• What kind of compliance requirements are you subject to?
• What kind of user authentication best fits your environment and user culture?  How will you address out of policy (non-compliant) users?
• What freatures do you want to include in your end-point posture assessment? (AV, patch levels, security scanning, Identity management, etc.)
• Are you concerned with unauthorized endpoints from accessing the network?  Will you be focusing on guest users or extending to internal network users?

Again, this are only a sampling of questions that are typically addressed as part of the process, we encourage you to consult with us further to help design the solution that is right for you and your organization.

Solution Components

The NAC On-Demand™ managed service offering has 4 primary components which are further described as follows:

1. Authentication – We support multiple authentication options including 802.1x/EAP, web-based authentication, and support for a clientless approach which does not require and rollout of end-user software clients on end-points.

2. Environment – We use environmental information for continuous policy decision making including such questions as

• Where is the user coming from?
• When is the access request occurring?
• What is the end-point security posture of the end-point?
• How does the user operate and interact with the network environment, other users, applications, and devices after connecting?

3. Access Control & Enforcement – We incorporate information derived from authenticating the user with various environmental criteria to determine access to network resources. 

• Access Control – As part of the client’s security policy, we incorporate control granularity such as whether the user can join the network, is assigned to a particular VLAN, etc.

• Policy Enforcement – According to the client’s security policy, the client can further determine whether they are assigned into a remediation or quarantine zone, or sent to a remediation portal where the user can obain security patches, AV signagures, etc.

4. Management – We provide a robust management fabric to manage and report policy violations in a real-time environment.  Our management architecture scales across multiple sites, via the WAN, MPLS network, or the Internet over encrypted SSH tunnels to send and receive data between the management server and the sensors.