Network Access Control with minimal impact to IT and superior user experience
- All-in-one appliance
+ Conducts user requests to access company’s resources and provides authentication, authorization, and accounting (AAA) services.+ The build-in RADIUS server provides multiple EAP authentication methods including MAC address, One-Time Passwords (OTP) or certificate-based authentication, etc.
+ Acts as a dedicated certificate authority (CA) issuing and managing certificates. It can also act as a subordinate CA which integrates into an existing Public Key Infrastructure (PKI).
- Easy to back-up and restore
Back-up takes less than 20 seconds and a full restore approximately 100 seconds. The full restore includes the CA function and the RADIUS function.
- IEEE 802.1X WLAN access control
With the NetAttest EPS network administrators can manage the access to the WLAN securely. Guests, temporary employees or contractors can use the selfservice portal to request temporary access to the WiFi. When authenticated the guest user is automatically directed to the right network resources. The NetAttest EPS also provides an internal user database for storing temporary employees or contractors.
- Easy to make redundant installations
In case of a redundant configuration the RADIUS server on both units are active. The network access servers require configuration to use the first NetAttest EPS unit as the primary RADIUS server and the second unit as the secondary RADIUS server. The full configuration, including the CA configuration, is automatically shared daily. In case the master CA crashes, the backup CA will take over.
Soliton Key Manager - issue and renew certificates in just 3 steps
Other key benefits include:
- Soliton Key Manager adds security to the Simple Certificate Enrolment Protocol (SCEP) by including a unique secret per request and e.g. APID, IMEI, or UDID during the SCEP process.
- Soliton Key Manager can generate, if required, both a public and a private key. It stores the private key on the device in a format that cannot be exported while the public key is being forwarded to the NetAttest EPS where it is used for authentication purposes
WHITE PAPER
Review the security of corporate wireless LAN with NetAttest EPS
Certificate Authority
MAC address authentication
Unified deployment process
MDM option
For additional security the NetAttest EPS-ap provides a set of Mobile Device Management (MDM) features. It allows to create a profile including several MDM functions such as the automatic locking after a predefined time and the prerequisites of defining the password. Other functions include remote device lock and wipe and the possibility to obtain device information.
Specifications Netattest EPS
| EPS-SX15-A & EPS-SX15-V | EPS-ST05-A & EPS-ST05-V | EPS-DX05-A &EPS-DX05-V | ||
|---|---|---|---|---|
| Max. number of user registration | 200 | 200 / 500 / 2,000 / 5,000 | 100,000 | |
| Max. number of RADIUS clients | 20 | 500 | 1,000 / 4,000 | |
| Supporting authentication protocol | EAP-TLS, EAP-MD5, EAP-PEAP (MS-CHAPv2, GTC, TLS), EAP-TTLS (PAP, CHAP, MS-CHAP, MS-CHAPv2, GTC, EAP-MSCHAPv2, EAP-TLS), Cisco-LEAP, EAP-FAST, PAP, CHAP, MS-CHAP, MS-CHAPv2 | |||
| Redundancy |  |  | | |
| RADIUS EXTENSION | One Time Password | | | |
| MAC address authentication option | | | | |
| Group profile | | | | |
| Certificate Authority (CA) | Client certificate publish | | | |
| External server certificate publish | | | | |
| Max. number of certificates | | 400/1,000/4,000/10,000 | 200,000 | |
| Extended CA function | | | | |
| External database | Windows Domain | | | |
| External LDAP database | | | | |
| RADIUS proxy | | | | |
| Log manage- ment | RADIUS accounting | | | |
| RADIUS detail accounting | | | | |
| Log maintenance | | | | |
| Other | SNMP (agent), NTP synchronisation, Syslog (TCP/UDP), Support UPS | |||
| EPS-SX15-A | EPS-ST05-A | EPS-DX05-A | |
|---|---|---|---|
| Form Factor | Desktop (option rack mount kit) | EIA19 inch (incl. rack mount kit) | EIA19 inch (incl. rack mount kit) |
| Dimensions (W x D x H) | 165 x 43 x 106 mm | 438 x 44 x 292 mm | 443 x 44 x 386 mm |
| Network interface | 10/100/1000BASE-T(X) Auto-MDI-X x 4 ports | 10/100/1000BASE-T(X) Auto-MDI-X x 4 ports | 10/100/1000BASE-T(X) Auto-MDI-X x 4 ports |
| Weight | 0.65 kg | 4.2 kg | 7.3 kg |
| Power supply | 90 ~ 264VAC 47 ~ 63Hz (90 ~135Vac) | 90 ~ 264VAC 47 ~ 63Hz (90 ~135Vac) | 90 ~ 264VAC 47 ~ 63Hz (90 ~135Vac) |
| Max. power consumption | 22 VA | 28 VA | 120 VA |
| Calorific value | 75BTU/h 18.9kcal 22W | 95.5BTU/h 24.1kcal 28W | 409.2BTU/h 103.1kcal 120W |
| Operating environment | Temperature 0 ~ 40°C Humidity 20 ~ 90% non-condensing | ||
| Certifications | VCCI (Class B) FCC (Class B) CE, UL, RoHS PSE (power adapter) | VCCI (Class A) FCC (Class A) CE, UL, RoHS PSE (power cable) |
| EPS-SX15-V | EPS-ST05-V | EPS-DX05-V | |
|---|---|---|---|
| Supporting virtual platform | VMware ESXi 7.0 / 6.7 / 6.5 | ||
| VMware virtual machine version | 10 | ||
| Virtual machine image | OVA | ||
| Number of CPU | 2 | 4 | 4 |
| Memory size | 2,048 MB | 8,192 MB | |
| HDD 1 | 2GB | 5GB | 96GB |
| Network adapter | 4 |
- Supports redundancy with virtual and physical appliance.
- Support back-up/restore between virtual and physical appliance
- No support for displacement by using virtual platform function such as Vmotion and VMwareFT (use the NetAttest EPS redundancy function)
| MODEL | OPTION LICENSE | DESCRIPTION | |
|---|---|---|---|
| OP1 | EPS-ST05 | User extended option (500) | • Extend maximum number of user registration |
| OP2 | EPS-ST05 | Function extended option (2,000) | • Extend maximum number of user registration • Enable Windows Domain authentication • Group Profile |
| OP3 | Function extended option (5,000) | ||
| OP4 | EPS-SX15 | Windows Domain option | • Enable Windows Domain authentication |
| OP5 | EPS-DX05 | RADIUS Client extended option | • Extend maximum number of RADIUS Client |
| OP6 | EPS-DX05 | MAC Address extended option | • Enable MAC Address authentication with dedicated DB (maximum 200,000 addresses are registrable) |
| OP7 | EPS-ST05 | ||
| OP8 | EPS-SX15 | ||
| OP9 | EPS-DX05 | CA Extended option | • Enable certificate distribution by Web enroll • Enable certificate distribution by SCEP enroll • Enable publishing Windows Smart Card logon certificate • Execute certification profile |
| OP10 | EPS-ST05 | CA Extended option (200) | |
| OP11 | CA Extended option (500) * User extended option (500) is required to be purchased together | ||
| OP12 | CA Extended option (2,000) * Function extended option (2,000) is required to be purchased together | ||
| OP13 | CA Extended option (5,000) * Function extended option (5,000) is required to be purchased together | ||
| OP14 | EPS-DX05 | One-Time Password server option | • Enable One-Time Password function |
| EPS-ST05 | |||
| EPS-SX15 |
Key specifications Soliton KeyManager
Platform: Windows
Operating system version: Windows 10 (Except on ARM) /Windows 8.1 (Except RT)
Platform: Mac OS
Operating system version: 10.15 / 10.14
Platform: iOS/iPadOS
Operating system version: 13.7-13.1 / 12.4-12.0
Platform: Android
Operating system version: 11.0 / 10.0 / 9.0 / 8.1-8.0 / 7.1-7.0
Download information Soliton Key Manager
Platform:Windows
- Updated: October 12, 2020
- Version: 2.0.5
- Size: 11MB
- SHA256:5D0CBB03CB1F5B27D426FEEB4A4CC67A3A7E03EABDF88934218E6ADE0FE9051F
- Update Procedure to V2.0.4 or later:
In case updating from V2.0.0 ~ V2.0.2, please make sure to update to V2.0.3 and then update to V2.0.4 or later
WHAT’S NEW:
-Soliton OneGate Support
-Change CA certificate acquisition flow
-Bug fixes
Platform:Windows
- Version: 2.0.3
- Size: 11MB
- SHA256:206319A2802AE1C57A1DA7A14778D70933689CF00675F0C4A2F8B0FF69559AE9
- Notice:V2.0.3 is only for update to V2.0.4 or later from V2.0.0 ~ 2.0.2.
- Updated: October 12, 2020
- Version: 2.0.3
- Size: 7.2MB
- SHA256:b0a8af36f243b8cc4a745c906e6006423e20541fd324971ef2e90fd9a1cc3c3a
WHAT’S NEW:
-Soliton OneGate Support
-Change CA certificate acquisition flow
-Bug fixes
Platform:iOS
Application can be downloaded from App Store
Platform:Android
Application can be downloaded from Google Play
Integration with other Soliton products
SecureBrowser
SecureBrowser is a remote access solution that establishes connections between a remote device and web servers inside a network. The SecureBrowser can use the digital certificates issued by the NetAttest EPS for strong authentication purposes. Users can now only access the organisation’s web servers by using a username, password and a valid device certificate.
Not all networks allow the use of IEEE 802.1X network control. Examples are branch offices without managed switches or network environments existing of non-IEEE 802.1X supplicants. Integration with the NetAttest LAP adds an additional layer of security to the network.
Customer Stories
Sumitomo Besshi Hospital is the largest hospital in the Toyo District. With around 600 staff relying on being closely connected, they needed to migrate and update 40 types of systems (used for electronic medical records). They required a simple network, which is easy to maintain and that allows to control the devices that connect to the network. By using Soliton’s NetAttest series the hospital managed to reduce the complexity of linking in all their data within their network, whilst strengthening security with endpoint authentication. Read more…
COOP is a life insurance company with over 149 offices in Japan. In 2015 they started a ‘digitization’ project. An aspect of this project is to have all products, services and customer data available for their sales teams online. This data contains highly sensitive customer information, data leakage prevention and assuring only employees with the right authorization can access the data were essential requirements of the implementation. Read why COOP chose Soliton’s NetAttest EPS and SecureBrowser…
