Network Access Control (NAC)

NAC solution for wired and wireless LAN

  • Deploy physically or virtually
  • Role-based access controls, discovery, and authentication
  • In-depth reporting on user activity

Click to talk to a network expert

Request a Demo

A multi-vendor solution that provides an unparalleled range of choices for fine grained network access control.

Network Access Control (NAC) is a complete standards-based, multi-vendor interoperable pre-connect and post-connect Network Access Control solution for wired and wireless LAN and VPN users. Using Extreme Networks NAC Gateway appliances and/or NAC Gateway Virtual Appliance with NetSight NAC management configuration and reporting software, IT administrators can deploy a leading-edge NAC solution to ensure only the right users have access to the right information from the right place at the right time including time of day, location, authentication types, device and OS type, and end system and user groups.

From Our Blog

What Qualifies as a Medical Device?

The rules have changed, is your hospital secure? Does anyone remember the old Motorola razor phone? If you had that…

Read More

74% of Schools Have A Student Retention Problem [Infographic]

As follow-up to our blog on student retention systems, we surveyed educators and IT managers at academic institutions worldwide about their plans…

Read More

BYOD & Guest Account Services Included

Automated BYOD registration allowing users to register their own devices using their credentials with no IT intervention.  Guest registration access control features to assure secure guest networking without burdening IT staff. Also supports guest self-registration, sponsored registration, pre-registration, and support for contact verification via SMS or email.

Fine-Grained Configuration Options

Network Access Control configuration options provide an unparalleled range of choices for fine grained network control. These configuration options include time of day, location, authentication types, device and OS type, and end system and user groups.

Identity-Aware Networking

Provides user identity functionality including discovery, authentication and role based access controls. The process of managing the user’s lifecycle (e.g. enrollment, role changes, termination) can be automated and linked to other business processes with LDAP and RADIUS integration.

Endpoint Baselining and Monitoring

Provides agent-based or agent-less end-point assessment capabilities to determine the security posture of connecting devices. It is, aligned with industry standards, works with multiple assessment servers, authentication servers and security software agents to match the needs of organizations who may have existing assessment technology.

Open Architecture for Assessment

Allows easy integration with other third party network management tools for MDM integration, threat response (Next Generation Firewall (NGFW), Security Information and Event Management (SIEM), Intrusion Prevention System (IPS)) and more.

Available as a physical or virtual appliance

Provides the flexibility to meet any installation requirement.

Easy integration with third party management tools for MDM, Next Generation Firewall (NGFW), SIEM, IPS and more

Network Access Control (NAC) is a complete standards-based, multi-vendor interoperable NAC solution for wired and wireless LAN and VPN users. The Network Access Control advantage is business-oriented visibility and control over individual users and applications in multi-vendor infrastructures.

Network Access Control Benefits
  • Centrally manage and control the security posture of all devices connecting to the network, including employee bring your own device (BYOD)
  • It offers the flexibility to choose whether or not to restrict access for guests/contractors to public Internet services only
  • Managed guest access control with sponsorship, SMS verification, pre-registration, and other options
  • Comprehensive dashboard reporting and advanced notification engine
  • Enables the homogeneous configuration of policies across multiple switch and wireless access point vendors. This capability significantly reduces the burden of policy lifecycle management and eases Network Access Control deployment in wired and wireless heterogeneous infrastructures
  • Works in any environment – Extreme only network, Extreme and third party network, and non-Extreme network
  • Protects existing infrastructure investments since it does not require the deployment of new switching hardware or that agents be installed on all end systems
  • Protect critical corporate data by restricting and/or controlling unauthorized access to network resources
  • Address compliance and regulatory requirements by control access to sensitive data and then providing comprehensive reporting on user activity. Additionally, reporting data can be exported to other third party reporting tools
  • Automate endpoint isolation, quarantine, and remediation, plus ongoing threat analysis, prevention, and containment
  • Performs multi-user, multi-method authentication, vulnerability assessment and assisted remediation
  • Multiple options on how to handle authenticated internal users/devices that do not pass the security posture assessment
  • Extreme NAC is adaptable to any device using RADIUS for authorization with configurable RADIUS attributes such as Login-LAT or Filter ID. Enterprises can also apply different policies depending on the RADIUS reject attribute
Network Access Control Assessment Agent OS Requirements

Supported operating systems for end systems connecting to the network through an Extreme Networks Network Access Control (NAC) deployment that is implementing agent-based assessment.

  • Windows 2000
  • Windows 2003
  • Windows 2008
  • Windows XP
  • Windows Vista
  • Windows 7
  • Windows 8
  • Windows 8.1
  • Mac OS X – Tiger, Leopard, Snow Leopard, Lion, Mountain Lion, and Mavericks

Certain assessment tests require the Windows Action Center (previously known as Windows Security Center) which is supported on Windows XP SP2+, Windows Vista, Windows 7, 8, and 8.1 op-erating systems.

NetSight Network Access Control Management

NetSight provides the management capabilities for NAC. A single NetSight server with NAC will support: 100,000 end-systems; 50,000 end-system registrations; 12,000 end-systems with agent-based assessment; 35 appliances.

NetSight Server and Client OS Requirements
These are the operating system requirements for both the NetSight Server and remote NetSight client machines.

  • Windows (qualified on the English version of the operating systems)
  • Windows Server® 2003 w/ Service Pack 2 (64-bit & 32-bit)
  • Windows XP® w/ Service Pack 3 (32-bit only)
  • Windows Server® 2008 Enterprise & R2 (64-bit & 32-bit)
  • Windows Server 2012 Enterprise (64-bit only)
  • Windows® 7 (64-bit & 32-bit)
  • Windows® 8 & 8.1 (64-bit & 32-bit)

Linux

  • Red Hat Enterprise Linux WS and ES v5 & v6 (64-bit & 32-bit)
  • SuSE Linux versions 10, 11, and 12.3 (64-bit & 32-bit)
  • Ubuntu 11.10 Desktop version (32-bit , remote NetSight client only)
  • Ubuntu 11.10, 12.04, and 13.04 (64-bit)

 

  • Mac OS X® 64-bit (remote NetSight client only)
  • Leopard®, Snow Leopard®, Lion®, Mountain Lion®,, or Maver-icks®
  • VMware® (64-bit NetSight Virtual Appliance)
  • VMware ESXi™ 4.0, 4.1, 5.0, 5.1, or 5.5 server

NetSight Server and Client Hardware Requirements
These are the hardware requirements for the NetSight Server and NetSight client machines:

  • NetSight Server
  • Minimum – 32-bit Windows 7; Dual-Core 2.4 GHz Processor, 2 GB RAM, 10 GB Free Disk Space
  • Medium – 64-bit Desktop, Windows 2008 R2 or Linux; Quad-Core 2.66 GHz Processor, 8 GB RAM, 40 GB Free Disk Space
  • Large – 64-bit Server Linux; Dual Quad-Core Intel® Xeon CPU E5530 2.4 GHz Processors,12 GB RAM, 100 GB Free Disk Space
  • NetSight Client
  • Recommended-Dual-Core2.4 GHz Processor,2 GB RAM Free Disk Space-100MB (User’s home directory requires50MB for file storage)
  • Java Runtime Environment (JRE) 6 or 7 (also referred to as 1.6 or 1.7)

Supported Web Browsers

  • Internet Explorer version 8, 9, and 10
  • Mozilla Firefox 23 and 24
  • Google Chrome 29.x