Deploying Network-based Authentication

The Beacon system facilitates the timely deployment of Network Appliance Control (NAC), 802.1X, and systems that rely on 802.1X. This is accomplished by providing the network administrator with the tools and training required to accurately configure all network edge ports leading up to deployment and providing a framework for managing identity, location, and adds, moves, and changes following deployment. Beacon addresses two critical concerns in the deployment of NAC and 802.1X - the type and location of all non-EAP endpoints (those that will not authenticate), and the sheer number of ports that must be individually configured due to the presence of non-EAP endpoints.

Providing Context for Security Events

The myriad of Security Appliances deployed today are useful sources of information regarding traffic patterns, application usage, and security violations. These include Intrusion Detection, Intrusion Prevention, Firewall, Anti-virus, Anti-spam, content devices, etc. The challenge with these devices is that they are positioned at aggregate points in the network and do not provide the context of the endpoints function within the organization, or the location of the offending station. Beacon provides a layer of context to the events generated by these products that allows the network administrator to make a more educated decision about how to respond, and the information to quickly understand the location of that end station, facilitating an accurate and specific response.

Addressing Audit Findings

Many compliance auditors have begun to ask questions regarding who, what is attached to the Enterprise network. In addition, many have begun to consider how an IT administrator would lock out would be intruders, isolate violators, and locate someone quickly in either scenario. This calls for a map of the network attached endpoints that allows the network administrator to understand all of the endpoints attached to the Enterprise LAN.