NetAttest EPS

All-in-one Network Access Control

Network Access Control with minimal impact to IT and superior user experience

With the NetAttest EPS network administrators can easily implement network access control. Based on the IEEE 802.1X standard the NetAttest EPS is an all-in-one port-based network access control solution that acts as an authentication and authorization server. It deploys certificates to authenticate users and devices, and to authorize users access to their permitted network resources. The NetAttest EPS protect the company’s network and its elements from unauthorized access and breaches that may lead to the loss of data.
  • null
    All-in-one appliance
    + Conducts user requests to access company’s resources and provides authentication, authorization, and accounting (AAA) services.

    + The build-in RADIUS server provides multiple EAP authentication methods including MAC address, One-Time Passwords (OTP) or certificate-based authentication, etc.

    + Acts as a dedicated certificate authority (CA) issuing and managing certificates. It can also act as a subordinate CA which integrates into an existing Public Key Infrastructure (PKI).

  • null
    Easy to back-up and restore
    Back-up takes less than 20 seconds and a full restore approximately 100 seconds. The full restore includes the CA function and the RADIUS function.
  • null
    IEEE 802.1X WLAN access control
    With the NetAttest EPS network administrators can manage the access to the WLAN securely. Guests, temporary employees or contractors can use the selfservice portal to request temporary access to the WiFi. When authenticated the guest user is automatically directed to the right network resources. The NetAttest EPS also provides an internal user database for storing temporary employees or contractors.
  • null
    Easy to make redundant installations
    In case of a redundant configuration the RADIUS server on both units are active. The network access servers require configuration to use the first NetAttest EPS unit as the primary RADIUS server and the second unit as the secondary RADIUS server. The full configuration, including the CA configuration, is automatically shared daily. In case the master CA crashes, the backup CA will take over.

Soliton Key Manager - issue and renew certificates in just 3 steps

The Soliton Key Manager app makes it easy for network administrators to use short-life certificates for enhanced security. The application offers a user-self-service to automatically request and install user- and device certificates on any device in just 3 steps. The Soliton Key Manager app sends the user a warning to renew the certificates upon users click the link to renew the certificate.

Other key benefits include:

  • Soliton Key Manager adds security to the Simple Certificate Enrolment Protocol (SCEP) by including a unique secret per request and e.g. APID, IMEI, or UDID during the SCEP process.
  • Soliton Key Manager can generate, if required, both a public and a private key. It stores the private key on the device in a format that cannot be exported while the public key is being forwarded to the NetAttest EPS where it is used for authentication purposes


Review the security of corporate wireless LAN with NetAttest EPS


Certificate Authority

  • Web-portal: A self-service portal for end-users to request and download their own user and/or device certificate. Certificates are issued automatically or after approval by the administrator.
  • Online Certificate Status Protocol (OCSP) Responder: The CA extended option offers OCSP-Responder for easy checking of revocation of certificates.
  • Support of Simple Certificate Enrolment Protocol (SCEP): The embedded SCEP-server makes the issuing of digital certificates simple and scalable for other IT systems, such as MDM systems or third-party devices, that require a certificate for authentication.
  • Customizable Certificate Signing Request (CSR) templates: The CSR templates include any kind of data of extended key usage and key generation such as certificate validity period and renewal period.
  • Special-purpose certificates: The CA extended option allows the administrator to generate special purpose certificates such as Windows SmartCard, Code Signing and Domain Controller certificates.

MAC address authentication

With the MAC address feature embedded administrators have a dedicated database available that allows the authentication of MAC addresses of non-802.1X supplicants. The database can store up to 200,000 MAC addresses.
Other features include:
  • The MAC address feature automatically detects the non-IEEE 802.1X supplicants in the network and adds them to the whitelist.
  • The dedicated interface for the registration of new MAC-addresses allows the administrator to quickly add new devices to the network.

Unified deployment process

The NetAttest EPS-ap provides a unified deployment process, through the Soliton Key Manager (SKM), for distributing and installing digital certificates on any device and platform. The deployment process is always the same regardless the device and its operating systems.
  • Proxy-server: Handles SCEP requests and adds additional security by protecting the internal Certificate Authority (NetAttest EPS) by URL rewriting and forwarding an SSL/TLS encrypted SCEP request to the internal Certificate Authority (NetAttest EPS).
  • OTA protocol: Embeds the Apple Over-The-Air (OTA) protocol supporting certificates on Apple devices.

MDM option 
For additional security the NetAttest EPS-ap provides a set of Mobile Device Management (MDM) features. It allows to create a profile including several MDM functions such as the automatic locking after a predefined time and the prerequisites of defining the password. Other functions include remote device lock and wipe and the possibility to obtain device information.

Specifications Netattest EPS

  • Supports redundancy with virtual and physical appliance.
  • Support back-up/restore between virtual and physical appliance
  • No support for displacement by using virtual platform function such as Vmotion and VMwareFT (use the NetAttest EPS redundancy function)
Key specifications Soliton KeyManager

Platform: Windows
Operating system version: Windows 10 (Except on ARM) /Windows 8.1 (Except RT)

Platform: Mac OS
Operating system version: 10.15 / 10.14
* except Apple M1 chip machine

Platform: iOS/iPadOS
Operating system version: 13.7-13.1 / 12.4-12.0

Platform: Android
Operating system version: 11.0 / 10.0 / 9.0 / 8.1-8.0 / 7.1-7.0

Download information Soliton Key Manager


  • Updated: October 12, 2020
  • Version: 2.0.5
  • Size: 11MB
  • SHA256:5D0CBB03CB1F5B27D426FEEB4A4CC67A3A7E03EABDF88934218E6ADE0FE9051F
  • Update Procedure to V2.0.4 or later:
    In case updating from V2.0.0 ~ V2.0.2, please make sure to update to V2.0.3 and then update to V2.0.4 or later

-Soliton OneGate Support
-Change CA certificate acquisition flow
-Bug fixes

  • Version: 2.0.3
  • Size: 11MB
  • SHA256:206319A2802AE1C57A1DA7A14778D70933689CF00675F0C4A2F8B0FF69559AE9
  • Notice:V2.0.3 is only for update to V2.0.4 or later from V2.0.0 ~ 2.0.2.
Platform: macOS
  • Updated: October 12, 2020
  • Version: 2.0.3
  • Size: 7.2MB
  • SHA256:b0a8af36f243b8cc4a745c906e6006423e20541fd324971ef2e90fd9a1cc3c3a

-Soliton OneGate Support
-Change CA certificate acquisition flow
-Bug fixes


Application can be downloaded from App Store


Application can be downloaded from Google Play

Integration with other Soliton products


SecureBrowser is a remote access solution that establishes connections between a remote device and web servers inside a network. The SecureBrowser can use the digital certificates issued by the NetAttest EPS for strong authentication purposes. Users can now only access the organisation’s web servers by using a username, password and a valid device certificate.

Netattest LAP

Not all networks allow the use of IEEE 802.1X network control. Examples are branch offices without managed switches or network environments existing of non-IEEE 802.1X supplicants. Integration with the NetAttest LAP adds an additional layer of security to the network.

Customer Stories

Don’t take our word for it, read what our customers have to say

Sumitomo Besshi Hospital is the largest hospital in the Toyo District. With around 600 staff relying on being closely connected, they needed to migrate and update 40 types of systems (used for electronic medical records). They required a simple network, which is easy to maintain and that allows to control the devices that connect to the network. By using Soliton’s NetAttest series the hospital managed to reduce the complexity of linking in all their data within their network, whilst strengthening security with endpoint authentication. Read more…

COOP is a life insurance company with over 149 offices in Japan. In 2015 they started a ‘digitization’ project. An aspect of this project is to have all products, services and customer data available for their sales teams online. This data contains highly sensitive customer information, data leakage prevention and assuring only employees with the right authorization can access the data were essential requirements of the implementation. Read why COOP chose Soliton’s NetAttest EPS and SecureBrowser…

Contact us

Get the information you need, answers to any questions and see our solutions in action

Request a demo
Get answers to your questions, and discover if our solutions are the right choice for you


Sales inquiry
Get additional information about our services and solutions


Customer support
Contact customer support for answers to any technical enquiries

Loading posts...
Sort Gallery
Enter your email here