Colony Networks has developed a hosted software solution for identity-based network access control (NAC) and IP device monitoring.
Our solution encapsulates human and device network access and monitoring into a zero-touch deployment model by coupling the cloud-based software with off-the-shelf, enterprise-grade policy enforcement hardware (firewalls). This customer premises equipment is inexpensive and is connected to our data center via VPN tunnels. Our solution is delivered over these secure tunnels directly into edge locations where network management has traditionally been challenging.
Device Authentication

Our centralized authentication service ensures only approved devices are able to connect to a Colony-enabled network. Access policies ‘follow’ and are applied at each client site under management by Colony software, making network device changes easy to administer while maintaining security.
This module offers the following solutions to critical problems our clients face today:
- Ensure physical port-based security by moving edge authentication configuration to a central interface (we can also extend simple MAC address-based whitelists to 802.1X-based central authorization models using managed intelligent switches)
- Satisfy the locked-down physical port requirement for PCI DSS 1.4
- Provide an extremely simple way for IT departments to authorize devices onto appropriate VLANs via actionable alerts, delivered in real time, even to mobile devices
This service requires a managed switch capable of RADIUS authentication request handling.
We can federate wireless access across multiple locations on existing or brand-new wireless infrastructures. Colony is able to offer silent authentication for Wi-Fi devices in an organization by integrating with existing directory servers, including Microsoft’s Active Directory server. This solution has the following benefits:
- Clients are not required to set up or replicate separate identity databases for existing staff
- Management of employee identities – moves, adds and changes for the organization can be carried over to Wi-Fi infrastructure
- As our authentication servers are cloud based, federated access across all client sites becomes possible
- No training required – staff are able to log on to wireless networks with their existing and known usernames and passwords, as they do on the corporate wired network
- User policies include bandwidth contracts, session time limits, URL blacklists, location access limits, etc.

