More than network access control
Zero trust is designed to prevent malicious access to resources within the corporate environment and is an important tool for preventing cyber attacks. Our solution’s network-based zero-trust approach fundamentally distrusts all assets within the network and requires one-to-one authentication for every network connection.
ARP-GUARD’s proprietary fingerprint technology provides a one-to-one identity check for all devices. With ARP-GUARD Network Access Control, only authorized and uniquely identified devices are granted access. ARP-GUARD records every single access attempt in real time and where the resource is located at the time of each network access. Network anomalies can thus be detected, reported, assessed and remediated in real time with our intelligent vulnerability and risk management.
ARP-GUARD NAC provides maximum transparency and control for the highest IT security standards in your network. Orchestration of the entire network environment takes place in a central location and allows definition of specific rules for distributed locations. Segmentation into separate VLAN areas provides protection for sensitive areas. Devices are allocated dynamically and according to the rules.
The scalable sensor management system architecture, in conjunction with our enterprise management, provides cross-site and geo-redundant protection for your enterprise, whether it's a medium-sized business or a large corporation with over 100,000 endpoints.
Our ARP-GUARD works independently of vendor and technology, you have the freedom to choose which network technology and authentication methods you want to use. This multi-vendor strategy can actively support you in standardizing your existing heterogeneous IT infrastructures.
The main advantages at a glance
- Full range of authentication methods enables mixed operation of SNMP, MAC-based RADIUS and 802.1X with the same feature set.
- Hybrid use of MAC and 802.1X authentication achieves full NAC coverage; subsequent migration from SNMP to 802.1X is easy to implement if required.
- One of the fastest implementations on the market in only 4 steps (device identification and localization / endpoint classification / ruleset definition / ruleset activation), with optional hardened physical and/or virtual appliance.
- Our solution is independent of technology and manufacturer. This allows you to homogenize your network from end-to-end as far as network security and management factors are concerned without the need for additional investment in your existing infrastructure.
- Orchestrate any number of sites and endpoints with our enterprise management using the revolutionary and highly scalable sensor management architecture.
- Intelligent real-time vulnerability and risk management using the industry standard Common Vulnerability Scoring System(CVSS), taking into account the real threat environment with an intuitive “one-click remediation” procedure for vulnerability remediation at the affected endpoint.
- Our solution supports you especially in the area of critical infrastructures with important certifications such as ISO 27001, ISO 27799, DIN EN 80001-1, IT Baseline Protection and the B3S standards.
- We and our partners are at your disposal with German and English-speaking support.