Scribd Logo
Importer

Bienvenue sur Scribd !

  • Aerohive Data Sheet

    Transféré par

    Rich Olson
    62 vues7 pages
    wireless

    Titre original

    Aerohive data sheet

    Copyright

    © © All Rights Reserved

    Formats disponibles

    PDF, TXT ou lisez en ligne sur Scribd

    Avez-vous trouvé ce document utile ?

    Ce contenu est-il inapproprié ?

    Signaler ce document
    wireless

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    62 vues7 pages

    Aerohive Data Sheet

    Transféré par

    Rich Olson
    wireless

    Droits d'auteur :

    © All Rights Reserved
    Téléchargez comme PDF, TXT ou lisez en ligne sur Scribd
    Signaler comme contenu inapproprié
    sur 7

    Security and Control for all Devices on the Access Network

    DATASHEET
    Aerohive A3

    Aerohive A3

    Aerohive A3 is an innovative solution for securing, managing and controlling all devices on your Access
    Network – from standard wireless and wired clients to IoT and BYOD.
    A3 provides a complete set of functionalities for device onboarding, guest management, automated device provisioning, device profiling
    and network access control. With its streamlined workflows and intuitive user interface, A3 greatly reduces the operational complexity
    and cost typically associated with incumbent offerings. It can be deployed on all major vendors’ access networks.

    Key Features & Benefits

    Supports all devices and users on the access network Seamless integration with existing IT security infrastructure
    A3 secures standard wireless and wired corporate clients, BYOD, Customers can directly integrate A3 with the market leading
    IoT and guest devices alike. It also supports the creationand firewalls, MDM and endpoint security systems, Intrusion Detec-
    administration of granular network access rights (e.g. by access tion Systems (IDS) and Posture Assessment solutions they
    to applications, time of day, location on the network) depending already have installed and continue to leverage their existing
    on the user’s role. security investment.

    Complete onboarding for guest and corporate devices Unparalleled deployment flexibility
    A3 includes a highly customizable captive web portal (CWP) that A3 supports on-premises deployments, based on a Virtual Appli-
    supports self-service onboarding for visitor devices, while a compre- ance (VA), with a choice of standard or clustered High-Availabili-
    hensive management interface and automated device provisioning ty configurations. As of Q4 2018, A3 also offers a cloud-based
    of 802.1X certificates enables onboarding of corporate devices. solution, and a hybrid deployment model.

    Comprehensive authentication toolset Device fingerprinting and profiling


    For authentication of corporate devices, A3 supports 802.1X certifi- A3 includes the largest available device fingerprint database, that is
    cates with its built-in RADIUS server. Where certificates are not constantly updated. Device fingerprinting is the most comprehen-
    practical, A3 provides alternative authentication methods like sive method for identifying a device type (e.g. laptop vs. smart-
    Private Shared Keys (PSK), and Aerohive’s Private Pre-Shared Keys phone vs. HVAC sensor) automatically when a device requests
    (PPSK, coming in Q3 2018) that offer strong, unique keys without the network access. A3 then leverages this information to grant appro-
    complexity of 802.1X certificates. priate network access rights to each device based on its category.
    This includes IoT, which are otherwise very hard to identify and
    secure effectively, much less in an automated fashion.
    Network Access Control (NAC)
    A3 provides complete functionality for Network Access Control
    that ensures authorized devices stay secure over time. Features Supports access networks from all leading vendors
    include device scanning for security compliance, quarantining of Access networks typically include wired and wireless infrastruc-
    non-compliant devices to prevent network access, and guided ture components from multiple vendors. A3 supports WLAN
    self-remediation to reduce IT helpdesk calls. equipment and switches from all leading vendors, including
    Aerohive, which provides an added level of deployment flexibility.

    Security for the Internet of Things (IoT)


    Connected devices like thermostats and lighting systems in the IoT
    context present a unique set of challenges for IT security. A3 is
    uniquely equipped to onboard, secure and control “Things”, with
    user-friendly bulk on-boarding, built-in device profiling and Aerohive’s
    unique Private Pre-Shared Keys (PPSK, coming in Q3 2018).

    2
    AEROHIVE A3
    Product Screenshots

    Intuitive graphical dashboard

    Services overview and administration

    Configuration of external authentication sources

    Extensive reporting capabilities

    3
    AEROHIVE A3
    Product Specifications

    Management Features Authentication

    • Role-based Access Control (RBAC) • EAP Protocols


    • Per User • EAP-FAST, PEAP, EAP-TTLS, EAP-TLS, PAP, CHAP, MSCHAPv1 and 2, EAP-MD5
    • Per Switch
    • Per VLAN • 802.1X Support
    • Per Client • RADIUS to AD/LDAP server support for 802.1X authentication
    • Per Client Category • 802.1X (PEAP) or Certificate (TLS) BYOD automated onboarding
    • Per Device Type • User Authentication Portal (AD/LDAP)
    • Per Time • PKI with EAP EAP-TLS, EAP-TTLS, EAP-LEAP, EAP-PEAPv0,
    • Per Location EAP-PEAPv1, EAP-MSCHAPv2

    • Object based configuration management • Authentication Types


    • Define roles, domains, authentication sources, switches and WLANs, • LDAP
    and connection profiles easily • Microsoft Active Directory
    • Novell eDirectory
    • Automated checkup and fix permissions tasks • OpenLDAP
    • Any LDAP-compliant servers
    • Accounting based on several criteria • RADIUS
    • Node, switch groups, user, role, OS, source, realm, SSID, profile and domain • Cisco ACS
    • Violations, failures, successes, registration type and state • RADIUS (FreeRADIUS, Radiator, etc.)
    • Microsoft NPS
    • Any RADIUS-compliant servers
    Guest, BYOD and IoT Management • Local user file (Apache htpasswd format)
    • OAuth2
    • Customizable Captive Web Portal (CWP) • Facebook
    • Google
    • Wireless ISP Roaming (WISPR), Eduroam and Hotspot 2.0 • GitHub
    • LinkedIn
    • Supports billable hotspots • Microsoft Live
    • Billing and service tiers • Twitter
    • Payment processing through Paypal, Mirapay, Authorize.net, Stripe • SAML
    • Additional built-in SQL DB for User store for deployments without LDAP
    • Guest Access Self Registration • PPSK (Q3)
    • With or without credentials
    • Self- registration with Social login
    Secure Provisioning
    • User device registration
    • Provisioning agents
    • Employee sponsorship • Android
    • Windows
    • Email Validation • API for all Apple devices

    • SMS Validation

    • Password-of-the-day

    • “Device profile” or “device fingerprint” based onboarding

    • Aerohive Private Pre-Shared Key (Q3)

    4
    AEROHIVE A3
    Product Specifications

    Network Access Control Integration Capability with Complementary Security Infrastructure

    • Realtime security policy assessment (posture assessment) & notification A3 supports direct integration with these 3rd party IT security solutions:
    for multiple OS
    • Intrusion Detection (IDS):
    • Gradual Deployment • OPSWAT Meta defender
    • Pre-registration • Snort
    • Per location/switch/port deployments • Suricata
    • Fortigate
    • Automated Device Registration • TrendMicro
    • By network device
    • By device fingerprinting • Vulnerability / Posture Assessment
    • By MAC address vendor • Nessus
    • Integration w/ 3rd party systems for registration • OpenVAS
    • Snort, Nessus, OpenVAS, Browser User-Agent and more • Windows Management Interface
    • VLAN isolation and quarantining (See supported switches below) • TNC Statement of Health protocol

    • Netflow / IPFIX • Endpoint Security


    • OPSWAT Meta defender Agent
    • Bandwidth accounting • Symantec SEPM
    • Sentinel One
    • Floating device support
    • Switches and APs • Mobile Device Management (MDM)
    • Mobile Iron
    • JAMF
    Profiling • AirWatch (Q2)
    • IBM MAAS 360 (Q3), Microsoft inTune (Q3)
    • Functionality
    • Profiling of devices/ IoT device recognition • Firewalls
    • Group based policies for network devices • Barracuda
    • Device visibility and identification • Checkpoint
    • Cisco
    • Device Fingerprinting • Fortinet
    • World’s largest device fingerprinting database • Fortigate
    • DHCP v4 & v6 • iBoss
    • User Agent • PaloAlto Networks
    • MAC address Patterns • Watchguard
    • OUI • Sonicwall (Q2)
    • TCP fingerprints
    • Behavioral analysis • Microsoft PKI
    • Simple Certificate Exchange Protocol (SCEP)
    • Network Device Enrollment Service (NDES)

    5
    AEROHIVE A3
    Product Specifications

    Deployment Flexibility Hardware Requirements

    • Simplified Deployment • Virtual Appliance Support


    • Out of band deployment • Deployed as VA
    • Hybrid out of band • VMWare ESXi 4.0 and above

    • High Availability • Minimum System requirements


    • Active/Active Clustering • Intel or AMD CPU 3 GHz or better
    • Supports deployments of millions of devices • 16 GB of RAM or more
    • 100 GB of disk space (RAID-1 recommended)
    • Supported deployment models: • 1 network card (2 recommended)
    • Virtual Appliance (VA)
    • Cloud-based deployment (Q4) • High Performance Active Clustering
    • Minimum recommended cluster is 3 hosts for HA, load balancing and failover
    • Supports WLAN Infrastructure from the following vendors: • Significantly increases capacity and throughput
    Aerohive, Aruba Networks, AnyFi, Avaya, BelAir, Brocade, Cisco, D-Link, Dell,
    Extreme Networks, Enterasys, Extracom, Hewlett-Packard, Huawei, Juniper, • Contact your Aerohive partner or representative for configuration assistance
    Meraki, Meru Networks, MicroTik, Mojo Networks, Motorola/Zebra, Ruckus
    Wireless, and Xirrus Networks
    Professional Services
    • Supports network switches from all leading vendors:
    Aerohive, Alcatel-Lucent, Avaya, Brocade, Cisco, Dell, D-Link, HP, Huawei, • Optional professional services are available through local Aerohive partners.
    Juniper, Linksys, Ubiquiti, and more

    • VoIP support, also in heterogenous environments, for multiple switch vendors


    Avaya, Cisco, HP and more

    6
    AEROHIVE A3
    Product SKUs

    AEROHIVE A3 - SKUs

    SKU DESCRIPTION

    AH-A3-VA Software license for A3 Virtual Appliance (VA). Required with A3 subscription.

    AH-A3-HA High Availability software license for 2 additional VA for cluster configuration; optional for all deployments.

    AH-A3-1K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 1,000 concurrent clients/endpoints. Includes support.

    AH-A3-5K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 5,000 concurrent clients/endpoints. Includes support.

    AH-A3-10K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 10,000 concurrent clients/endpoints. Includes support.

    AH-A3-25K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 25,000 concurrent clients/endpoints. Includes support.

    AH-A3-50K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 50,000 concurrent clients/endpoints. Includes support.

    AH-A3-75K-SL-1Y/3Y/5Y 1/3/5 Year subscription for up to 75,000 concurrent clients/endpoints. Includes support.

    AH-A3-100K-SL-1Y/3Y/5Y 1/3/5 Year subscription for 100,000 (and more) concurrent clients/endpoints. Includes support.

    ©2018 Aerohive Networks. All Rights Reserved. 7

    Vous aimerez peut-être aussi