Manualshelf

User Guide

ManualsBrandsAlcatel-Lucent ManualsOtherOMNIACCESS SAFEGUARD CONTROLLER
21222324252627282930
OmniAccess SafeGuard OS Administration Guide
21
Chapter 1: SafeGuard OS Overview
following capabilities in the same device, ensuring that there is no centralized
point of failure:
Device Management – Administrators can set up, manage, and diagnose
problems for the device as a network device.
Authentication – With Network Access Control (NAC) capabilities,
authentication and posture check is provided to control who can enter the
LAN. NAC leverages an organization’s existing authentication servers and
identity stores with flexibility to provide either passive or active
authentication using Active Directory, RADIUS, or Captive Portal web logon.
End Point Validation (EPV) – As an optional component of NAC to validate
health or posture of end-user host machines, EPV policies use a temporary or
dissolvable client to check for out-of-date OS, anti-virus software, etc. Hosts
that are not in compliance with corporate security standards are redirected to
an appropriate site to download patches and fixes before accessing the
internet.
Security Policy Role-based provisioning learned from the authentication
component, the defined policy component allows the administrator to assign
ACLs (Access Control Lists) at Layer 4 and Layer 7 to individual users. This
capability is especially useful in the post admission separation of users
regardless of point of entry (for example, separation of employees, contractors
and business partners). While initiating policy enforcement on TCP
connections or groupings of UDP packets, a stateful deep packet inspection of
all flows is allowed.
Threat Control – An essential part of LAN control, Alcatel-Lucent threat
control algorithms monitor application connection patters for signs of
malicious behavior. Because these algorithms do not rely on signatures, they
can detect zero-day malware. The threat detection algorithms are built with a
goal of preventing network meltdown by detecting the malicious activity in
the quickest amount of time with very low false-positive rates.
Visualization – Collects information about users and applications and how
those users and applications impact the network. Visualization serves as the
conduit between other SafeGuard OS components and the Alcatel-Lucent
OmniVista SafeGuard Manager Command Center.
OmniVista SafeGuard Manager Command Center
OmniVista SafeGuard Manager is a central command center that displays data
flow information collected from the SafeGuard OS visualization component. The
OmniVista SafeGuard Manager interface, a graphical user interface, provides at-a-
glance views of network usage and security violations, which enables the IT
administrator to properly define security policies—global access and malware
policies—relevant to the unique characteristics, trends, and usage patterns and
characteristics of users on the network.