Extreme Networks Policy Manager Uživatelský manuál stáhnout pdf (Strana 3)

NetSight

– Data Sheet

Policy Management

NetSight policy management centralizes all the policies for users,

applications, protocols, VLANs, ports, and data ﬂows. It automates

the deﬁnition, distribution, and enforcement of policy rules across

the entire network. With an intuitive user interface, administrators

can deﬁne policies once and then automatically enforce them on

Extreme Networks policy enabled infrastructure devices.

Uniﬁed wired/wireless policy management consolidates user

access to protect IT services. Policy management deﬁnes global

user policies, dynamically updates and continuously enforces

policy across wired and wireless environments. Packets are

inspected and ﬁltered at the AP and admitted or blocked based

on the user’s policy. Policy also controls topology management,

trac ﬂows and unlimited Class of Service for wireless controllers.

Policy is role-based, signiﬁcantly streamlining policy

administration. Individual users with similar behavior proﬁles,

such as sales man-agers, executives, or guest users are grouped

into a far smaller number of roles. Applying roles makes it far

easier to align the net-work infrastructure with the business and

control guest users, en-force regulatory mandates, and enforce

acceptable use rules.

Policy management includes a unique tool for delegating limited

administration controls to non-technical line of business users.

From a secure web-based console, a delegated user such as a

line of business manager, receptionist, or classroom instructor

can easily select a policy to implement. Policies are enabled or

disabled with a simple mouse click and changes are instantly

acknowledged on the console.

Network Access Control Management

Network Access Control (NAC) management combines with

Extreme Networks NAC appliances or virtual appliances for a

complete net-work access control solution, ensuring that only

the right users have the right access to the right information

from the right place at the right time. NAC management

software provides secure, policy-based NAC management.

From one, centralized location IT sta can conﬁgure and

control the NAC solution, simplifying deployment and on-going

administration. The Extreme Networks NAC IP-to-ID Mapping

capability binds together the username, IP address and MAC ad-

dress, and physical port of each endpoint. NetSight reports this

important information for audit or forensics analysis.

NAC management provides additional value through its

integration with other NetSight capabilities and Extreme

Networks security products. For example, NAC management

with policy management enable “one click” enforcement of

role-based policies. IP-to-ID Mapping is also used by ASM for

location-independent distributed intrusion prevention and by

Extreme Networks Security Information & Event Manager (SIEM)

to pinpoint the source of the threat.

Inventory Management

NetSight inventory management eciently documents and

updates the details of the ever-changing network. It simpliﬁes

the deployment and management of Extreme Networks

devices and supports basic conﬁguration and ﬁrmware device

management functions for popular third party devices. IT

sta can easily perform a broad list of tasks including device

administration on conﬁguration ﬁles, schedule ﬁrmware updates,

archive conﬁguration data, or restore one or multiple devices to

a known good state. Script-based conﬁguration allows custom

conﬁguration scripts to be pushed to a set of devices. NetSight

identiﬁes unused ports and chassis slots and tracks moves, adds,

and changes for Field Replaceable Units.

Inventory management also tracks conﬁguration changes

for Extreme Networks devices made by NetSight, third-party

management applications, or the command line interface.

Automated Security Management

Automated Security Management is a unique threat response

solution that translates security intelligence into security

enforcement. It interoperates with the Extreme Networks

Intrusion Prevention System (IPS) and third-party network

security appliances to automate responses to security incidents,

remediating threats in real-time. It ensures that corporate data is

protected, secure, and available.

ASM executes policy-based rules, and when triggered, maps

IP addresses to ports and takes assigned actions. The range of

possible response actions is broad and conﬁgurable, including

quarantining the user, disconnecting a wired or wireless client, or

rate-limiting the trac ﬂow. Taking the action does not disrupt

other users.

Combined with policy management functions and IPS, ASM

provides sophisticated identiﬁcation and management of threats

and vulnerabilities. For example, when notiﬁed by the IPS, ASM

can determine the exact source location of a threat, determine a

response based on the security policy, and trigger the conﬁgured

action on the network switch, access point or wireless controller.

Mobile Management

NetSight mobile management extends OneView

optimizing

net-work management and help desk troubleshooting with

anywhere, anytime access to critical information using popular

mobile devices such as Pad®, iPhone® and Android™ devices.

Capabilities include: Network Access Control (NAC) end-

system view, system location and tracking, wireless dashboards;

detailed views of controllers and APs; event logs, and wireless

client search.

1 2 3 4 5 6 7

Komentáře k této Příručce

Žádné komentáře

Extreme Networks Policy Manager Uživatelský manuál Strana 3

Komentáře k této Příručce

Související produkty a manuály pro Software Extreme Networks Policy Manager