With the NetAttest EPS series network administrators can easily implement network access control. Based on the IEEE 802.1X standard the NetAttest EPS series is an all-in-one port-based network access control solution that acts as an authentication and authorization server. It deploys certificates to authenticate users and devices, and to authorize users access to their permitted network resources. The NetAttest EPS series protect the company’s network and its elements from unauthorized access and breaches that may lead to the loss of data.
- Product Overview
- Key Features
- NetAttest EPS Options
- NetAttest EPS-ap
- Soliton Key Manager
Why companies use NetAttest EPS
Companies use NetAttest EPS to:
- Build a high-level network authentication environment
Build a high-level network authentication environment quickly. NetAttest EPS is easy to operate and requires no special IT knowledge.
- Increase the network security of the company network
Increase network security at low costs with this all in one appliance.
- Issue and manage digital certificates
Issue and manage digital certificates for authorized users.
- Introduce a one-time password
Introduce a one-time password, which makes the network not vulnerable to replay attacks.
- Use an existing user database for authentication
Existing users can easily be authenticated with NetAttest EPS.
- Add smart devices to the company network
Easily introduce and manage smart devices to the company network.
- Use the RADIUS client/server protocol
NetAttest EPS supports various RADIUS authentications. It supports PAP/CHAP, which is used for IEEE802.1X or remote access.
- Limit network access
With NetAttest EPS you can easily deploy a network access policy based on user, location and time.
- Want to have extensive backup/restore features
Copy a backup file to a specified FTP server periodically. When NetAttest EPS fails, the backup file can be restored within 10 minutes.
Key specifications NetAttest EPS
Model EPS-DX04-A/ EPS-ST05-A/ EPS-SX15-A
Model EPS-DX04-V/ EPS-ST05-V/ EPS-SX15-V
For full overview of the technical specification please download the product sheet
Key features NetAttest EPS
- All-in-one appliance: the NetAttest EPS embeds features for optimum administering of security functions;
- Conducts user requests to access company’s resources and provides authentication, authorization, and accounting (AAA) services
- The build-in RADIUS server provides multiple EAP authentication methods including MAC address, One-Time Passwords (OTP) or certificate-based authentication, etc.
- Acts as a dedicated certificate authority (CA) issuing and managing certificates. It can also act as a subordinate CA which integrates into an existing Public Key Infrastructure (PKI).
- IEEE 802.1X WLAN access control: with the NetAttest EPS network administrators can manage the access to the WLAN securely. Guests, temporary employees or contractors can use the self-service portal to request temporary access to the WiFi. When authenticated the guest user is automatically directed to the right network resources. The NetAttest EPS also provides an internal user database for storing temporary employees or contractors.
- Easy to back-up and restore: Back-up takes less than 20 seconds and a full restore approximately 100 seconds. The full restore includes the CA function and the RADIUS function.
- Easy to make redundant installations: In case of a redundant configuration the RADIUS server on both units are active. The network access servers require configuration to use the first NetAttest EPS unit as the primary RADIUS server and the second unit as the secondary RADIUS server. The full configuration, including the CA configuration, is automatically shared daily. In case the master CA crashes, the backup CA will take over.
Options NetAttest EPS
CA (Certificate Authority) extended option
Key features include:
- Web-portal: a self-service portal for end-users to request and download their own user and/or device certificate. Certificates are issued automatically or after approval by the administrator.
- Online Certificate Status Protocol (OCSP) Responder: The CA extended option offers OCSP for easy checking of revocation of certificates.
- Support of Simple Certificate Enrolment Protocol (SCEP): the embedded SCEP-server makes the issuing of digital certificates simple and scalable for other IT systems, such as MDM systems and third-party devices, that require a certificate for authentication.
- Customizable Certificate Signing Request (CSR) templates: The CSR templates include any kind of data of extended key usage or key generation such as certificate validity period and renewal period.
- Special-purpose certificates: The CA extended option allows the administrator to generate special purpose certificates such as Windows SmartCard, Code Signing and Domain Controller certificates.
Mac address extended option
With the MAC address extended option network administrators have a dedicated database available that allows the authentication of MAC addresses of non-802.1x supplicants. The database can store up to 200,000 MAC addresses.
Other features include:
- The MAC address extended option automatically detects the non-IEEE 802.1X supplicants in the network and adds them to the whitelist.
- The dedicated interface for the registration of new MAC-addresses allows the administrator to quickly add new devices to the network.
The NetAttest EPS-ap provides a unified deployment process through the Soliton Key Manager (SKM) app for distributing and installing digital certificates on any device and platform. The deployment process is always the same regardless the device and its operating systems.
The NetAttest EPS-ap key features:
- Proxy-server: handles SCEP requests and adds additional security by protecting the internal Certificate Authority (NetAttest EPS) by URL rewriting and forwarding an SSL/TLS encrypted SCEP request to the internal Certificate Authority (NetAttest EPS)
- OTA protocol: Embeds the Apple Over-The-Air (OTA) protocol supporting certificates on Apple devices
MDM option for NetAttest EPS-ap
For additional security the NetAttest EPS-ap provides a set of Mobile Device Management (MDM) features. It allows to create a profile including several MDM functions such as the automatic locking after a predefined time and the prerequisites of defining the password. Other functions include remote device lock and wipe and the possibility to obtain device information.
Soliton Key Manager App
The Soliton Key Manager app makes it easy for network administrators to use short-life certificates for enhanced security. The application offers a user-self-service to automatically request and install user- and device certificates on any device in just 3 steps. The Soliton Key Manager app sends the user a warning to renew the certificates upon users click the link to renew the certificate.
Other key benefits include:
- Soliton Key Manager adds security to the Simple Certificate Enrolment Protocol (SCEP) by including a unique secret per request and e.g. APID, IMEI, or UDID during the SCEP process. Soliton Key Manager can generate, if required, both a public and a private key. It stores the private key on the device in a format that cannot be exported while the public key is being forwarded to the NetAttest EPS where it is used for authentication purposes
- Experts in live broadcasting & IT security
- Cutting-edge technology
- Stable Transmissions
- Over 30 years of experience
- More than 2000 premium brand customers