With Genians, Korea’s major postal services now manage network access far more securely and productively
Background & Requirements
South Korea’s postal system is comprised of two major divisions, many affiliated agencies, and several thousand regional offices across the country. This large, highly-distributed organization is required to ensure the highest levels of security and availability for more than 70,000 network-attached endpoint devices of various types. Doing so initially presented a major IT operational and security management challenge, as the system’s legacy IP address management solution ultimately proved unable to scale sufficiently to manage the ongoing increase in new devices appearing on its network. Nor could it handle the burgeoning demand for BYOD support. IT therefore determined it was necessary to replace the legacy solution. To succeed in this effort, it was paramount to maintain existing network security and access policies so as not to negatively impact availability within the existing production environment. Along with achieving the fundamental goal of establishing a much more robust and flexible IP address management capability, IT also sought to improve the postal system’s overall security profile by implementing a world-class secure authentication framework.
The organization’s specific requirements were:
- Comprehensive visibility and control of all endpoint devices across the entire IT infrastructure
- Ability to identify exact device platform and user information to assign IP addresses more securely
- Seamless migration of legacy IP address management policies
- Enhancement of IP address management features, such as:
- Managing static IP/MAC addresses
- Preventing IP conflicts
- Provisioning IP addressing via an on-demand service
- An enhanced authentication process with API-enabled cross-platform information-sharing capabilities
- Detection of all installed endpoint software in real-time and enforcement of all versioning requirements via remote installation, including anti-malware definition updates
- Support for enterprise-wide BYOD initiatives
Genian NAC Enables IT Security Automation
- Allows creation of full security policy framework
- Provides for full migration of legacy policies
- Provides IP address name translation management, with mapping of static IP’s to dedicated devices and users and their related, comprehensive profile information
- Monitors IP address usage across the entire network in real time and allows for total, secure IP address control to the device and user level (Allow, Deny, Lease, Assign)
- Allows for resolution of IP address conflicts and prevents unwanted address changing
- Provides an agent-based authentication process and shares authenticated information with other IT security and operational solutions seamlessly through a single sign-on process
- Installs and maintains all required software for the entire complex of enterprise end-devices
- Provides a secure BYOD provisioning process for both wired and wireless network environments
- Logs all connectivity information including IP/MAC and user name in real time
- Detects and controls non-compliant devices immediately
- Provides a complete audit trail to demonstrate compliance and generate audit reports
Genian NAC Benefits
Genian NAC provides a centralized and intuitive management interface for IP addresses to allow enterprise IT systems administrators to easily control the usage of IP addresses and maintain comprehensive IT security compliance more effectively. Genian NAC can also be integrated with a wide range of existing IT security and business solutions (such as NGFW, IDS/IPS, MDM, SIEM, and organization intranets) to provide a holistic network monitoring and control capability.