Part of the Veri-NAC family
VeriNAC™ 5200 is part of the Veri-NAC family of one-box NAC solutions, providing state-of-the-art network access control for networks up to 250 nodes on two subnets. The Veri-NAC family consists of NAC solutions ranging in size from the Veri-NAC 5200 for small offices to the Veri-NAC 5800 for large enterprise networks with up to 100,000 nodes.
Designed for simplicity
NAC solutions have been around for a while but have been slow to catch on because they’ve been expensive, time-consuming, and often require extensive equipment upgrades. In short, they were just too complicated to be worthwhile for most organizations.
Veri-NAC, on the other hand, is designed to provide maximum security in a simple, agentless design that’s also very affordable. There’s no need for extensive training or dedicated personnel, no need to install software agents, and no need to upgrade switches—Veri-NAC is easy to integrate into your network.
Only the trusted
Veri-NAC only lets computers and devices onto your network if they comply with standards that you specify.
All network devices have a unique, factory-installed MAC address. Veri-NAC assembles a profile of each device, including the MAC address as well as other information, and only lets known, trusted devices on the network. It can even detect and stop a machine trying to get in under a spoofed MAC address.
Veri-NAC models 5250 and higher also include an endpoint vulnerability auditing engine featuring the CVE database, which checks to make sure each connected device complies with your standards, including up-to-date operating system patches, virus protection, and configuration. This auditing function works for all connected devices, not just PCs.
Even after trusted devices are connected to your network, Veri-NAC can be set up to periodically scan them to ensure they don’t contain any new vulnerabilities.
Unlike most other NAC systems, Veri-NAC doesn’t require that you install software agents on connected machines. This both simplifies installation and improves security because agents are vulnerable to hacking. Agentless design means that Veri-NAC also works with devices such as printers, smart phones, and wireless access points that can’t have agents installed on them.
Not only is the up-front cost for Veri-NAC often lower than other solutions, installation and ongoing maintenance are lower, too.
Veri-NAC works with your existing network and legacy infrastructure, so there’s no need for expensive upgrades. Plus, Veri-NAC requires no formal training and only minimal installation time, so even organizations with a limited IT staff can easily add it to their network security plan without straining resources. Flexible
Veri-NAC offers a great deal of flexibility in how it responds to perceived threats. For instance, if Veri-NAC detects a device with an unknown MAC address, it can lock that device out entirely or limit it to only a guest VLAN that you set up. If it detects a computer with outdated virus software, it can lock it out, direct the user to a server with updated virus software, or admit the user to the network while sending a message to your IT staff to update the software.
Unknown users and devices—guests, for instance—can either be allowed on the network but flagged as an untrusted asset, or blocked entirely. If you have visitors who want to use their own laptops or smartphones to access the Internet, Veri-NAC can grant them access only to the Internet while restricting them from your organization’s intranet.
Fast, straightforward setup
This capable NAC system takes just minutes to install. Veri-NAC is literally a turnkey network appliance—just plug it in, turn it on, and follow the simple on-screen instructions to configure it. There’s no need to upgrade your hardware or operating systems. The simplified user interface has practically no learning curve.
Veri-NAC displays network vulnerability information in colorful, easy-to-interpret graphs and charts. With one glance, you can view the status of your network and of each node within your network. Veri-NAC tracks and logs common vulnerabilities and exposures (CVEs), documenting end-user policies for regulatory compliance initiatives.
Veri-NAC protects 802.11q VLANs, too, by preventing a guest device connected to a VLAN from accessing a secure VLAN on the same port. Veri-NAC 5200 protects up to 10 VLANs.
Treads lightly in your network
Because Veri-NAC isn’t an in-line device, it won’t negatively affect network performance. Under normal conditions, Veri-NAC uses less than 10 kbps of bandwidth to block untrusted users and between 50 and 100 kbps while it’s auditing for vulnerabilities. This small amount of bandwidth isn’t enough to make a noticeable difference in network performance in most circumstances.
Find out more
To speak with an application engineer or set up a live demo of Veri-NAC call us at 800-355-7996.