baramundi, macmon and the benefits of Network Access Control (NAC)
As the name Network Access Control suggests, macmon NAC reliably controls access to the corporate network. With this solution, companies know at all times which devices are on their network and where they’re located. All connected PCs, printers, laptops, as well as medical, IoT and other devices are identified, monitored and protected from unauthorized access. Guest and employee devices (BYOD) can be easily and securely authorized via the guest portal and dynamic management of network segments.
- Intuitive and straightforward implementation and operation
- Instant network overview with graphical topology display
- Comprehensive reporting options
- Device identification
- Intelligent AD integration with dynamic ruleset
- Highly flexible "guest" portal for visitor and employee BYOD devices
- Technology partnerships that increase overall value
Since 2021, macmon secure GmbH has expanded its NAC offering to include ZTNA, reflecting a broader rethinking of network security among companies for reasons including:
- The ongoing growth of mobile business computing
- Increasing digitization/digital transformation
- IoT, IIoT (aka, Industry 4.0) and IT/OT convergence
- The widescale move to the cloud
In addition to securing local networks, the focus is also on resources in the cloud. In addition to the proven macmon NAC, the company now offers macmon Secure Defined Perimeter (SDP), an architecture that secures corporate resources in traditional local networks and in private and public clouds.
ZTNA is based on the philosophy that neither a device nor a user should be trusted until they have been securely authenticated. The "new normal" or remote, mobile and hybrid working, and advancing digitalization are accelerating the outsourcing of various services to the cloud. As a result, ZTNA will continue to be an important component of comprehensive IT security strategies going forward.
The functionality and use of macmon Secure Defined Perimeter (SDP) is simple. The macmon SDP agent transparently performs a highly secure authentication against the macmon SDP controller. This verifies the identity of the user as well as the device and its security state. The SDP controller is located in an ISO 27001 certified German cloud in Berlin. IT delivers the defined policy back to the agent via the encrypted connection after successful authentication. The policy contains all information about which company resources users can access.
After successful authentication, users can access required resources either directly via single sign-on for cloud applications, or via the macmon SDP Cloud Gateway for private cloud resources.
Local resources in the company network can also be accessed via a direct connection through a local SDP gateway. Encrypted tunnels are used to secure the communication. Depending on the configuration, these make specific resources accessible. This means that all cloud strategies (including hybrid cloud) are flexibly supported so that companies can migrate services efficiently to meet business plans and requirements.
Technology partnerships are an important pillar of macmon's corporate strategy. The combination of macmon NAC with existing identity sources - CMDBs (Configuration Management Databases), Asset Management, AD/LDAP (Active Directory/Lightweight Direct Access Protocol) or even Mobile Device Management (MDM) – provides a comprehensive centralized, and integrated security approach for most company networks.
Since June 2021, baramundi’s own partnership with macmon has reduced security management workloads for baramundi Management Suite users with an interface for shared data. In particular, it improves endpoint management coordination and consistency at companies where different administrators or teams are responsible for device and network management.
By continuously expanding technology partnerships, macmon generates synergies with solutions from other security vendors. Information does not remain in information silos, but is accessed and exchanged within the IT applications to meet specific requirements. This reduces administrative workloads, improves overall IT performance and consistency through the use of automation, and significantly increases network security.