Next-Gen Network Access Control

Genian NAC

Secure Any IP-Enabled Devices, No Matter What.

Securing the Edge, Quickly & Accurately

Less Touch, Greater Results.

Essential NAC

Genians’ Next-Gen NAC provides any organization with the most essential cybersecurity features and functionalities. These act as a seed from which one can cultivate a robust cybersecurity environment while offering the most affordable pricing and flexible deployment options.

Actionable Compliance

Achieving cybersecurity in the real world means going beyond the constraints of any given set of compliance requirements and taking the necessary actions that an active, real-time approach to security management necessarily involves.

Genian NAC supports practical security compliance by providing real-time network surveillance for all the assets in your network and ensures that are all compliant with your IT security policies. Without disturbing existing IT infrastructure or impacting systems availability, Genian NAC gathers and monitors the hardware and software asset information of all IP-enabled devices. It then leverages its Device Platform Intelligence capability to determine each device’s technical and business contextual details, identifies all known or potential device vulnerabilities, establishes the level of user access to be provided, and ensures that all detected devices are being compliant.
Features

Non-disruptive Sensing & Access Control at the edge

Genians’ Next-Gen NAC provides any organization with the most essential cybersecurity features and functionalities to keep network assets safe and secure. Without disturbing existing operations, Genians’ Next-Gen NAC ensures full network surveillance for all network-enabled devices and provides dynamic access control to maintain compliance with IT security policies. It then leverages automation to orchestrate an organization’s entire security portfolio in concert with NAC to achieve an optimally secure network access environment.

Network Surveillance

Genian NAC can monitor IP-enabled devices on your network in real-time using a non-disruptive Layer 2 based Network Sensor and classifies those devices and their users into logical groups based on your business requirements. Genian NAC has the intelligence to sort out a wide range of network-connected devices and their states to present immediate, meaningful, and actionable information.

Coverage

  • Monitor heterogeneous network environments without changing existing network configuration
  • Monitor wireless packets by Wireless Sensors or Agents
  • Monitor all managed, unmanaged, and even legacy networking devices

Detection

  • Provide the most accurate device platform information and see access trends
  • Discover contextual access information (Who, What, Where, When, How)
  • Detect compliance status change on time

Observation

  • Find non-compliant, unknown, rogue, misconfigured devices
  • Discover abnormal network traffics (e.g. ARP Spoofing/Bombing, MAC/IP Cloning, Port scanning, Invalid Gateway)
  • Present personalized information through fully customizable dashboards

DEVICE PLATFORM INTELLIGENCE (DPI)

“Device Platform” refers to any hardware or software, or any combination of hardware and software (OS), used to access a network.

Genian NAC incorporated with Device Platform Intelligence (DPI) can present the most accurate device identity, its contextual, and its risk information in order to enhance network visibility and secure network access for the IoT era. DPI can be shared through the Genians Cloud.

Identity

Distinct information

  • The name of Device Platform consists of manufacturer, device name, model number (Integrated with the Common Platform Enumeration (CPE) dictionary)
  • The actual picture of the device platforms
    The list of device fingerprinting sources
  • Network connection type (Wired, Wireless)
    Released Date

Context

Business Information

  • Product end of life (EOL)
  • Product end of support (EOS)
  • Manufacturer business status
  • Manufacturer location (Country)
  • Manufacturer homepage

Extended Information

  • Linked to Product webpage
  • Linked to Google search engine

Risk

Technology Vulnerability

  • Provide Common Vulnerabilities and Exposures (CVE)
  • Report device platforms exposed to vulnerability issues in real time
  • Alert and notification

Business Vulnerability

  • Report manufacturer/vendor going out of business or being acquired, which can introduce systems that cannot be upgraded or patched

NAC

Genian NAC leverages multiple techniques to enforce IT security policies dynamically using contextual information (What, Who, When, Where, How) to quarantine any non-compliant devices and remediate them to be compliant through automated processes.

Dynamic Acess Control

  • Condition-based grouping (Over 500 predefined conditions)
  • Policy assignment based on the status change of endpoint compliance
  • End-to-end access control inside of LAN

Multi-layered Access Control

  • 802.1x: Built-in RADIUS server
  • DHCP: Built-in DHCP server
  • Layer 2: ARP Enforcement (using Network Sensor)
  • Layer 3: TCP reset (using Mirror/SPAN Sensor)
  • Layer 3: Inline Enforcement (Dual-homed Gateway)
  • Agent: NIC/Power Control, Alert Popup
  • Integration: Firewall, Switch port shutdown (SNMP,Webhook)

Mobile, BYOD, Guest

In the hyper-connected world of the Internet of Things (IoT), organizations are grappling with implementing Bring Your Own Device (BYOD) initiatives to deal with the rapidly evolving and increasingly complex tsunami of mobile devices, from laptops and tablets to other smart ”Things”, such as phones, watches, cars and more. Genian NAC can provide flexible and secure network access, wherever you are located, and for whatever devices you bring to the network.

Onboarding Process

  • Check user authentication and device compliance status
  • Guide users to meet compliance (Self-service process)
  • Provide role-based access control

Secure Access Request

  • Captive Web Portal service
  • Built-in RADIUS server (802.1x)
  • User authentication (AD, local DB, RDBMS, Google G-Suite)
  • Request approval system (Device, IP, User, Peripherals)

IP Address Management (IPAM)

Through our intuitive IP matrix interface (Class C Subnet mask), see how many IP addresses are being used and available, which IP’s are assigned via DHCP, which are reserved, and more.

Monitoring

  • See the usage of IP address for each network segment
  • Identify who/what device connecting to an IP address
  • Monitor the change of IP addresses

Comprehensive IP Management

  • Built-in DHCP Server
  • IP Address (Allow, Deny, Lease, Assign)
  • IP Conflict / Change Prevention
  • MAC/IP Cloning Detection

Switch Port Management

See how many devices are connected to specific ports, their connection status, port-level security, 802.1x information, traffic, utilization and more. Using 802.1x port-based access control, control any ports connected to non-compliant devices.

Monitoring

  • Identify how many devices are connected to specific ports
  • Check the authentication status of connected devices
  • Monitor Switch port status (Up/down, Security, 802.1x, VLAN, etc.)

Port Management

  • Switch and Port Description
  • Administratively Down
  • Discover Top 10 Switch Port Traffics

WLAN Security

Genians’ Network Sensor has the capability of scanning all SSIDs in your network and identifying who connects to which SSIDs, capturing not only your organization’s APs but also neighboring APs and controlling what is connecting to those APs. You can allow or deny Wifi-enabled devices accessing different SSIDs based on their policy compliance by groups, such as Authorized AP, Rogue AP, Misconfigured AP, Tethering device, and more.

WLAN Monitoring

  • Detect SSIDs by Wireless Sensor or Agent
  • Discover all connected wireless devices per SSIDs
  • Discover where SSIDs are located
  • Detect APs connected to corporate networks

WLAN Compliance

  • Detect non-compliant wireless devices (APs, mobile devices)
  • Detect rogue and misconfigured APs
  • Detect hidden APs and softAPs

Wireless Connection Manager

  • Manage wireless connection profile
  • Disable SoftAP
  • Provide a single-click wireless connection service
  • Allow connections only to authorized APs
  • 802.1x supplicant plugin (EAP-GTC)

Endpoint Security

Manage all desktop configurations, applications, OS Updates, peripheral devices, wireless connections and more. Standardize the configuration of corporate-owned devices automatically and control them remotely.

  • Change Computer Name
  • Check Password Validation
  • Collect System Information Using WMI
  • Configure Windows Security Settings
  • Control OS Updates (Works for the isolated network)
  • Configure 802.1X Wired Authentication
  • Profile Settings
  • Control Antivirus Software Settings
    Control DNS
    Control External Devices (e.g. USB, Printer)
    Control Internet Explorer Security Settings
  • Control Network Folder Sharing / Interface / Traffic
  • Control Power Options, Screen Lock
  • Provide Wireless Connection Manager (Zero configuration)
  • Control WLAN
  • Deploy Files
  • Inspect TCP Connections
  • Manage ARP Table
  • Install / Remove software
  • Run Scripts
  • Terminate Processes

IT Security Automation

Genian NAC integrates a wide range of IT security and business solutions (Firewall, VPN, IDS/IPS, VM, MDM, SIEM, APT, DLP, CRM/ERP, etc.) to ensure unified policy enforcement. Genian NAC supports custom integration using Webhook, REST API, and Syslog.

Perimeter Security System (Next-gen Firewall)

  • Give: IP-User information for user-aware policy
  • Take: Receive Infected Endpoint IP or MAC then quarantine it

Threat Detection System (SIEM, ATP, VA, EDR)

  • Give: IP information (user, history, platform.)
  • Take: Receive Infected Endpoint IP or MAC than quarantine it

Enterprise Mobility Management

  • Give: New device information
  • Take: Block mobile devices if EMM agent is not installed

Critical Security Controls (CIS) for Effective Cyber Defense

Cybersecurity compliance and the management of security risk are clearly two different things. Yet achieving the optimal cyber-defense framework for your organization requires that the two are managed in a mutually supportive fashion. Genians’ Next-Gen NAC supports this approach by leveraging the Center for Internet Security (CIS) Controls.

The CIS Controls provide global standards for cybersecurity. These have become recognized around the world for providing a set of best practices that can be leveraged to secure IT systems and data against attacks.

Without disturbing existing IT infrastructure or impacting systems availability, Genian NAC gathers and monitors the hardware and software asset information of all IP-enabled devices. It then leverages its Device Platform Intelligence capability to determine each device’s technical and business contextual details, identifies all known or potential device vulnerabilities, establishes the level of user access to be provided, and ensures that all detected devices are being compliant. Additionally, Genians NAC can integrate with security solutions such as NGFW, SIEM, and EMM to share intelligence to respond to cyber threats on time. Additional controls, such as those below, can also be implemented efficiently using Genian NAC.

7. Email and Web Browser Protections
8. Malware Defenses
9. Limitation and Control of Network Ports, Protocols and Services
10. Data Recovery Capabilities
11. Secure Configuration for Network Devices, such as Firewalls, Routers and Switches
12. Boundary Defense
13. Data Protection
14. Controlled Access Based on the Need to Know
15. Wireless Access Control
16. Account Monitoring and Control
17. Implement a Security Awareness and Training Program
18. Application Software Security
19. Incident Response and Management
20. Penetration Tests and Red Team Exercises

Genians’ Next-Gen NAC can support the necessary balance between the dictates of compliance and an organization’s need to maintain operational security practice in tandem.

Components

No disruption in Network Operations. Low Impact to the end-user

Understand How Genian NAC Works​

Review and refine device platform information via the cloud and deliver the most accurate, up-to-date device platform information to Policy Server on a weekly basis.

Establish security policies based on Node info collected by Network Sensors and Agents.

  • Distribute established policies to Network Sensors and Agents
  • Communicate with Network Sensors and Agents to secure access control
  • Integrate with user database and third-party security solutions

Network Sensor

Collect Node Information from network and enforce access control polices.
  • Apply (or enforce) established policies from Policy Server to targeted Node (or Node groups)
  • Detect all SSIDs by listening wifi signals
  • Identify who is accessing valid (enterprise-owned) APs, neighbor APs, or rogue APs
  • Support 802.1q Trunk Port

Agent (Optional)

Control endpoint system (all installed hardware and software) information in detail
  • Execute policy enforcement as well as management tasks through the use of Plugins.
  • Operate as a Wireless Sensor to provide wider and more in-depth coverage to detect any possible Wifi activities such as Ad-hoc mode, SoftAP, and Tethering.
Simple 3 Steps for Pricing

You Pick, We Deliver.

Before You Calculate

Know how Genians' Licensing Model works

Genian NAC only counts the number of ACTIVE devices currently up and running in the network. Nothing else! Only active, connected MAC addresses are considered in this calculation.

1. Pick an Edition for your needs

Experience Genian NAC with greater convenience and effectiveness in matching the right product edition to your needs. Unclear how to proceed? Simply get started with the Basic edition. It’s completely free for environments up to 300 devices (On-prem version)

2. Pick a deployment Option for your network

Genians provides three flexible deployment options:

  • On-Premises NAC: Install and run Genian NAC on the premises of your organization using the Genian NAC software
  • Cloud NAC: Run Policy Server in the Cloud either managed by Genians or Yourself.
  • NAC as a Service: Deliver NAC as a Service for your MSP business or organizations ready for Cloud services

3. Let's Find out how much it costs

Genians provides three flexible deployment options: On-premise, Cloud-managed, and Network Access Control as a Service (NACaaS) for Managed Security Service Providers. From these, organizations can choose the best option for their particular business requirements.
Trial

Get Started the Right Way

Genian NAC delivers the most essential cybersecurity features in an all-in-one format, while offering an affordable pricing model. Genians provides three flexible deployment options: On-premise, Cloud-managed, and Network Access Control as a Service (NACaaS) for Managed Security Service Providers. From these, organizations can choose the best option for their particular business requirements.

On-Premises NAC

Registration required.
Contact Us for Pricing
Learn More

Cloud NAC

No credit card or phone call required.
Pricing
Learn More

NAC as a Service

Scroll to Top

We use cookies to help improve this website and enhance your browsing experience You can change your cookie settings at any time. • Privacy • Terms