Fon’s Virtual Management Network Access Controller (VMNAC) helps enterprises incorporate a new security layer into their existing network infrastructure to guarantee the security and protection of their business information.
As well as allowing the management of network access policies for different devices and users like a regular NAC, Fon’s VMNAC has two additional strengths:
– Multi-tenant: It allows for the central management of multiple enterprises, no matter what their network structure or operating system. This makes it the perfect product for Managed Service Providers (MSPs) and operators alike.
– Integrability with any user directory database: Both on-premises, such as LDAP or Active Directory, or in the cloud, such as Office 365 or Google G-Suite, as well as any other type, for example Amazon or JumpCloud.
Our VMNAC handles the access of users and their devices through a variety of different modules:
Manage and control all the service from the administration portal, a multi-tenant user-friendly console.
A database that contains the profiles of all users, their devices, and their network access type.
User and device authentication, network access control from the cloud, and centralized authentication, authorization, and accounting management.
A security component that provides authorization services, administers security configuration requirements, and specifies the access control actions for compliant and noncompliant endpoints.
A web portal that allows employees and new hires to self-configure their devices to authenticate to the enterprise’s network.
Manage the guest WiFi customization flow and invitation management.
Discover, identify, and monitor the devices on your networks in real-time
Authorize every network connection through appropriate, policy-based access controls
Mitigate threats to your networks before it’s too late with automated threat response
From local users database and guest users, to Google G-Suite, Office 365, Active Directory, and Amazon Directory Services, Jumpcloud, Onelogin, and others
A device management agent allows for local device inventory and posture checks in addition to MDM/EMM platform integration
Multiple access policies per user/group can be configured, as well as mandatory MFA policy, endpoint status verification (device risk assessment), time/date policy based, and concurrency control
Determine the proper level of access based on the security status of an endpoint
Block, quarantine, or grant limited or full access to an endpoint. This is achieved through different EAP variants (EAP-TLS, EAP-TTLS, PEAP), inner authentication support (PAP, CHAP, MSCHAPv2), and password rotation policy
IPSec VPN for encrypted, secure communication, and SSL certificate management, and revocation process
VMNAC can be integrated with corporate systems through our API frontend and multi-tenant architecture that provides OSS/BSS integration capabilities; and with other security elements such as next-generation firewalls, advanced threat defense (ATD), and security information and event management (SIEM) solutions
Through an open and customizable SSID and a captive portal customization, guest invitation process and calendar integration
Automation of device configuration through a self-onboarding captive portal. Users can download their enterprise profiles and configure their devices based on their access policies. Different OS (iOS/OSX, Linux, Windows, Android) and policy based onboarding
The network is monitored through a console that displays number of sessions, different dashboards (use, activity, security), reports, security alerts and triggers, as well as audit capabilities