Today, two-thirds of all business leaders believe their companies must accelerate the pace of digitalization to remain competitive.
For companies to garner the benefits of digitalization, the network must transform. Without a dynamic, resilient network that securely delivers applications and connects devices, digital transformation grinds to a halt. Consistent, granular policies throughout the entire network are critical to the digital transformation journey towards the autonomous enterprise.
With IoT and a mobile-first workforce, an organization’s attack surface today is larger than ever before. In order to cost-effectively manage security and ensure compliance for network access, IT needs a solution that can:
In my last blog post, “Automation, Visibility, and Access Policies – From the Edge to the Cloud,” I pointed out the importance of access policies. In this blog, I go deeper into how access policy actually works and what data needs to be collected and correlated to increase network assurance.
In order to ensure network security and meet compliance mandates, IT must be able to identify all of the devices connected to the network. They must also understand the risks associated with granting each different kind of end system access to the network. As an example, the risks associated with an IT-managed desktop computer are very different from those associated with an employee-owned and largely unmanaged tablet.
Once a device is detected, identified, and the risk assessed, the proper controls must be placed on the access. The access policy should be granular and, to satisfy security and compliance requirements, it should enforce the principle of least privilege.
Only with a network access control solution that automatically discovers, risk assesses, and provisions devices is it possible to securely manage the diversity of IoT and mobile devices.
ExtremeControl provides visibility, control, and automation that allows organizations to cost-effectively and securely manage an autonomous enterprise.
When onboarding a new device, you can set additional granular policies to learn more about the device and user. The information enables better access control and provisioning decisions. Our ExtremeControl solution automatically discovers and tracks over 50 attributes per user and device on the network. This rich store of information provides more intelligent policy enforcement for security and compliance. Our network access control solution goes beyond simple role-based access control to eliminate potential security holes. It uses context-based policy management, enabling a single policy all the way from the edge, across the campus network, into the data center and multi-cloud.
Context-based access management extends access control decisions beyond username and role to include device type, identity, device location, day and time, authentication method, and device security posture.
Let’s make this real and talk about what you can do with context-based access management by setting granular policies with key attributes:
Agentless network-based scans can also be used for assessment: end systems that fail assessment can be denied access until the problems are corrected. You can quarantine any device that is not running an up-to-date anti-virus program.
The examples above describe use cases for several of the key access attributes. The strength lies in combining these attributes for fine-grained control that meets your organization’s security and compliance requirements.
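The sketch below is an added illustration of combining context attributes into one access decision; it is not ExtremeControl code or configuration. All role, device, location and profile names are hypothetical, and the sample contexts are constructed.

```python
from dataclasses import dataclass
from datetime import datetime

@dataclass(frozen=True)
class Context:
    user_role: str      # identity / role ("none" for unattended devices)
    device_type: str
    location: str
    auth_method: str
    posture_ok: bool    # result of an agent-based or agentless assessment
    when: datetime

# Hypothetical rules: every listed attribute must match and the hour must
# fall in the allowed window. First match wins.
RULES = [
    ({"user_role": "staff", "device_type": "managed-desktop",
      "location": "campus", "auth_method": "802.1X"}, range(0, 24), "staff-full"),
    ({"user_role": "staff", "device_type": "byod-tablet",
      "location": "campus", "auth_method": "802.1X"}, range(7, 19), "internet-only"),
    ({"device_type": "ip-camera", "location": "lobby",
      "auth_method": "mac-auth"}, range(0, 24), "iot-segment"),
]

def decide(ctx: Context) -> str:
    """Return the access profile for one end system."""
    # A failed assessment overrides every other attribute.
    if not ctx.posture_ok:
        return "quarantine"
    for required, hours, profile in RULES:
        attrs_match = all(getattr(ctx, k) == v for k, v in required.items())
        if attrs_match and ctx.when.hour in hours:
            return profile
    # Least privilege: no explicit match means no access.
    return "deny"

if __name__ == "__main__":
    morning = datetime(2024, 3, 4, 10, 0)   # constructed timestamps
    night = datetime(2024, 3, 4, 22, 0)
    samples = [
        Context("staff", "managed-desktop", "campus", "802.1X", True, night),
        Context("staff", "byod-tablet", "campus", "802.1X", True, morning),
        Context("staff", "byod-tablet", "campus", "802.1X", True, night),
        Context("staff", "managed-desktop", "campus", "802.1X", False, morning),
        Context("none", "ip-camera", "lobby", "mac-auth", True, night),
    ]
    for s in samples:
        print(s.device_type, s.when.hour, "->", decide(s))
```

The same user on the same tablet gets a different result depending on the hour, and a device seen in an unexpected location falls through to the default deny.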
“Healthcare IT is challenged with balancing the cost of securing medical devices within a budget, all the while taking into consideration patient care and the security of the hospital. ExtremeControl has enabled us to cost-effectively secure our medical devices with network segmentation and create a zero trust environment.” – AVP of Information Security Christopher Frenz, Interfaith Medical Center
The challenge of the autonomous enterprise is to build a policy-based infrastructure that reaches from the edge to the campus, to the data center and multi-cloud. Network assurance is critical to manage numerous IoT devices, mobile devices, and applications. In today’s heterogeneous networks, access policies need to be consistent and adapt automatically to network changes. To eliminate security holes, policies must be automatically rolled out across the entire network. With ExtremeControl and Extreme Management Center, you can build a solid base for network assurance and enjoy the following key benefits:
With its context-based access control that collects and correlates numerous attributes for devices, users, and applications, ExtremeControl keeps you on top of security breaches and compliance issues. In “The 8 Analytics Features You Need to Get Your Time Back,” I described the wide range of device and application analytics that Extreme Management Center correlates to provide a clear picture of the security status of devices connected to the network, thus simplifying risk assessment and fault resolution. Alerts for potential access risks and application performance degradations help you prevent data breaches and service interruptions. Machine-assisted tuning of network and application performance thresholds, as well as smart packet capture for forensics, further improves the security posture.
To learn more, request a demo of ExtremeControl.
This blog was originally authored by Bettina Baumgart, Senior Manager of Product Marketing.