IDpoint has been in use by multiple early access customers from a range of industries.
“Compliance considerations leave us with the burden of proof that we protect confidential medical records. IDpoint has addressed this pain with a simple, intuitive policy enforcement engine that gives us proof of user access to private medical information,”
“We are able to drop in IDpoint – without making any infrastructure changes – and add the initial set of access policies integrated with our user directory in under an hour,” said Andrew Lingenfelter, General Manager of NCS DataCom, Inc., a managed security service provider. “IDpoint provides a distinct security advantage for our customers because we now have tremendous control over what specific resources and applications individual users and/or customers are authorized to access. Not to mention we then have a full audit trail for compliance related issues."
Network Segmentation, Policy Enforcement & Granular Access Control
Designed for the enterprise, IDpoint is placed in-line directly in front of certain sensitive application resources or servers in the data center as a hardened policy enforcement point. It enforces network-layer and specific application-
Adding Identity in the IP Packet
The IDpoint token inserts a secure, unique cryptographic representation of user identity, called AEP PacketTag™, into every IP packet destined for a protected resource. This ‘proof of identity’ tag is only added to packets destined for protected resources. As such, it eliminates the potential for unauthorized access to resources. However, all access attempts made against protected resources – whether allowed or denied – are logged for reporting.
Reporting, Auditing & Regulatory Compliance
IDpoint provides comprehensive, identity-correlated logging and reporting showing which users accessed what critical information resources from where, when, and for how long. Detail policy violations and PacketTag anomalies are logged as on-screen and printable reports. This unalterable audit trail greatly aids reporting and compliance challenges for PCI DSS, HIPAA, and other regulatory guidelines. Further, IDpoint segmented networks limit the scope and, therefore, complexity of compliance audits.
Simple to Deploy & Low Cost of Management
IDpoint is a “bump-in-the-
The solution works end-to-end between the IDpoint token on the client and the IDpoint appliance in the data center, allowing the IP network to remain a simple, fast pipe. This “security on the ends” approach offers simpler deployments and efficient management of moves, changes and rearrangements which is in stark contrast to network-embedded security alternatives like NAC, VLANs, complex ACLs and firewall policies that are difficult to manage and expensive to maintain. With IDpoint, granular access control is effectively managed by the LDAP/Active Directory administrator. This architectural approach makes IDpoint very useful in healthcare, pharmaceutical, financial services, managed services providers or any organization where privacy, network segmentation, data protection and compliance are important.
Additional Highlights of AEP IDpoint
Enforce end-to-end intelligent access policies across any IP-based network (LAN, WAN & remote/mobile users)
Stealth-mode policy enforcement:
Device identity determined via AEP Client Machine Identity (CMID) technology
Targeted endpoint integrity checks
“The identity-based access control gateway or network appliance enables the enterprise to audit who accessed specific information and application hosting servers, and impose preventative controls that limit access to users based on their identity and associated roles or group memberships,”
Pricing & Availability
General availability of AEP IDpoint will be mid-April 2008. List-pricing for IDpoint starts at $52,000, which includes 99 concurrent user licenses.
AEP IDpoint will be demonstrated at the RSA Conference 2008, San Francisco, April 7-10, at booth #234, and Infosecurity Europe 2008, London, April 22-24, at stand D235.
For more information:
Product Datasheet:
http://www.aepnetworks.com/
Product Photo:
http://www.aepnetworks.com/
About AEP Networks
AEP Networks offers a comprehensive Policy Networking solution that provides complete security starting at the endpoints and working throughout a network – from the edge to the core. AEP’s integrated portfolio of security products includes identity-based network and resource access control, SSL VPNs, high assurance IPSec-based VPN encryptors, and hardware security modules for key management. Our products address the most demanding security requirements of public-sector organizations and commercial enterprises internationally. The company is headquartered in Somerset, New Jersey, with offices worldwide.
AEP Networks, the AEP Networks logo, IDpoint and PacketTag are trademarks of AEP Networks, Inc., with registration pending in the United States. All other trademarks or registered trademarks contained herein are the property of their respective owners.
