Segmentation
Segmentation is the OpenNAC Enterprise module that enables you to automatically segment corporate networks. The segmentation you can perform on a corporate network determines the network segment to which a device will be assigned after the evaluation of several parameters (user identity, role, connection time, user device, etc.)
Network segmentation can be carried out in different ways to maximize benefits for the infrastructure: grouping different network components for a more efficient authentication and authorization process.
Main feautures
Protecting critical assets
Devices and/or users are dynamically and automatically assigned to the appropriate VLAN based on the criticality of assets.
Ensuring business continuity
Segmentation makes it possible to detect threats in real time, isolating the device at layer two. The response to incidents and reports on the impact and progress is demonstrated through the data displayed in the various dashboards.
Segmentation of IoT devices
Establishes proper network segmentation in order only to maintain connectivity within segments with that allow systems with a large number of IoT devices.
Implementation
01
All connections from all devices on the network send different attributes to OpenNAC Enterprise once they have entered the network.
02
OpenNAC Enterprise assesses the attributes of each connection and depending on the result, assigns a network segment or takes a specific action with each connection.
03
The connection is assigned a segment or a group which has a given set of access rights and permissions.
Case use
Jose is the IT manager at a company in the metalwork industry. His CEO has called him to tell him about a security issue of the highest priority.
The issue described by the CEO relates to documents from the accounts department, such as the employee payroll, which can currently be accessed by anyone in the organization.
The CEO has asked Jose to ensure that documents and information from each department of the organization are only available to the corresponding department.
Jose reminded the CEO that a project to implement an access control tool is in the process of budget approval and will allow segmentation of the network by departments and user identity, assigning the access and permissions that correspond to each person’s role.
The CEO has given priority to this project and has given the green light to the implementation of this dynamic network segmentation and access control tool.
The organization has implemented the Segmentation module of OpenNAC Enterprise in record time, not only efficiently resolving the problem but also maintaining the option to implement further functionality with minimal effort.
About the module
Algunos de nuestros clientes hablan sobre los resultados obtenidos tras la implementación del módulo de la solución OpenNAC Enterprise.
“The great challenge was to divide up the networks in line with the different areas of the organization. We wanted each employee only to have access to the network services they needed, based on their role and department. It was essential to adhere to the principle of least privilege”.
One of our clients
Other OpenNAC modules
OpenNAC Enterprise is the only modular access control and visibility solution for corporate networks on the market. The modules adapt smoothly and simply to the level of technological maturity of your company.
Request a demo
Complete the form and one of our experts will contact you