jintropin

Network Access Control

Posted by admin on February 24, 2015

Network access control allows you to identify who, what, where, when, and how an end user or device is accessing your network. DLP can enhance IT management by allowing application security professionals to understand the most important user access points for a given application, database, and network.

Two case studies show how DLP works in action. The first two cases illustrate the powerful DLP capabilities of a new Pivotal product: Go-Case, which empowers security personnel to monitor network access by running Go-Case on device-based DLP solutions. A second case study shows how Oracle will leverage Go-Case’s DLP capabilities to allow compliance staff to create an Enterprise Access Control Management program for the corporation’s security controls. You can also use services from sites such as https://www.fortinet.com/solutions/enterprise-midsize-business/network-access/application-access, which specialize in this area.

Case Study: How Go-Case Performs

If you are looking for the right DLP solution for your organization, you should consider Go-Case. Go-Case delivers complete network visibility by using a real-time, end-to-end visibility engine and modern device management capabilities. All Go-Case devices run an Oracle SNA solution. Go-Case is fully integrated with Oracle SNA.

Go-Case, which supports all the SNA rulesets and full screen support, implements three types of connections: MMI, IPSEC, and VPN. For example, the following Go-Case sessions capture the process of applying a network configuration policy to the data center:

For this solution, a typical use case might look like this:

Network Configuration Policy to Protect IT Equipment

Machine Manager has a handful of separate network policies that apply to network devices, such as WAN adapters, switches, routers, and firewalls. There is no uniform policy for monitoring or managing network connectivity across the various management tools on a corporation’s network. Therefore, once a network device is connected to a management network, it must be monitored and managed separately. For example, a network firewall can connect to a WAN, but it would be impossible to monitor the impact on the company’s security controls without capturing that impact first.

Once a device has been attached to the network, the analysis becomes a critical challenge. To properly analyze the impact of network configuration policy, you would have to retrieve the relevant machine-specific configuration data, to determine the machine’s IP addresses and ports, and to analyze the network traffic using monitoring tools. However, monitoring the network traffic takes time, and once the network device is disconnected, it is gone forever.

With Go-Case, you create a mobile client application for the management tool of your choice to analyze the impact of network configuration policy on any network device. When a device connects to the network, Go-Case compares that device with its configuration for the device of interest. The connected device is then inserted into the investigation process. The resulting information is instantly displayed in the client application. This enables a client to download data from its management tool and analyze it in a single go.

Case Study: Server OS Screen Capture

In this case study, we visualize a network solution designed to monitor and manage server environments. The solution uses Go-Case’s DLP capabilities to capture the entire server OS screen.

The following two instances capture the process of examining the usage of network management tools:

This information is immediately displayed in Go-Case and can be downloaded for use by anyone accessing the network. In order to understand what traffic occurs during a server administrator’s control of this OS, we need to see the entire log file.
