Integrated BYOD Security Solution
Bradford Networks and FireEye
Overview:
Customer needs
In today’s organizations, users increasingly use a wide range of mobile consumer devices including smartphones, tablets, and laptops to access the company network. While many companies are embracing bring your own device (BYOD) strategies to increase productivity, reduce costs, and drive employee satisfaction, IT departments have little visibility and control over such users and BYOD devices, complicating network security and introducing significant risk.
Gaining visibility into all the users and devices on the network is the first step to enabling secure access. BYOD solutions must be able to automate detection, validate advanced malware, as well as intelligently identify registered users, guests, and devices. BYOD solutions must then be able to consistently and automatically respond to infections by applying role-based security policies across both wired and wireless segments, and take the necessary action to prevent and remediate security breaches.
- Protection across corporate devices and the BYOD domain
- Secure network access without hampering productivity
- Automate detection and apply role-based security policies
FireEye and Bradford Networks
Bradford Networks ™ and FireEye offer an integrated BYOD security solution that provides organizations with visibility and protection from stealthy Web and email threats that attempt to access the network via corporate-issued and personal BYOD mobile devices. ®
Bradford Networks’ Network Sentry solution enables IT staff to effectively manage network access for many different types of personal and corporate owned mobile devices and categories of users with a minimal investment of time and effort. Depending on the device type, user, location, and other parameters, Network Sentry provides dynamic network access to the appropriate network resources and applications while protecting intellectual property and critical infrastructure from unauthorized use. Employees, consultants, contractors, and guests can use their preferred devices to become more mobile and productive without putting the organization at risk.
- Automated Security Solution
- Ability to use preferred devices to enhance productivity
- Advanced quarantining of compromised endpoints
- Network Access management with minimal time investment
- Dynamic network access to resources
Key Benefits
- Automated, rapid response: Automatically correlates user, device, and location information with newly or previously compromised device’s IP address for immediate detection and remediation
- Auto-quarantine: Upon detection automatically removes or isolates non-compliant or compromised devices from the production network
- Reduced Total Cost of Ownership (TCO): Increases security by automatically processing FireEye-scanned endpoints. Enforces access policies based on user and device profiles to cut IT management overhead
Integrated Solution
- Rapid detection of systems and users
- FireEye detects and blocks outbound malware transmission
- Network Sentry applies pre-defined policy to remediate problem
- Supports all brand of network equipment
- Eliminates network blind spot
How the Joint Solution Works:
The FireEye platform and Bradford Networks integration enables the rapid isolation of infected systems in the event of an advanced cyber-attack. The solutions work together to enforce advanced isolation policies to reduce the scope of an attack.
The challenge of BYOD
In today’s organizations, users increasingly use a wide range of mobile consumer devices including smartphones, tablets, and laptops to access the company network. While many companies are embracing bring- your-own-device (BYOD) strategies to increase productivity, reduce costs, and drive employee satisfaction, IT departments have little visibility and control over such users and BYOD, complicating network security and introducing significant risk. Gaining visibility into all the users and devices on the network is the first step to enabling secure access. Solutions must be able to automate detection, validate advanced malware, as well as intelligently identify registered users, guests, and devices.
Bradford Networks’ Network Sentry solution enables IT staff to effectively manage network access for many different types of personal and corporate-owned mobile devices and categories of users with a minimal investment of time and effort. Depending on the device type, user, location, and other parameters, Network Sentry provides dynamic network access to the appropriate network resources and applications while protecting intellectual property and critical infrastructure from unauthorized use. Employees, consultants, contractors, and guests can use their preferred devices to become more mobile and productive without putting the organization at risk.
How the joint solution works
Network Sentry automatically identifies and profiles all devices and all users on a network—providing visibility into who, what, where, and when someone connects to the network—and then provisions network access based on pre-defined security policies. The FireEye platform is designed to ensure the devices are not infected with today’s new breed of cyberattacks, such as zero-day threats and APT attacks. If a device becomes infected on the network, the FireEye MPS automatically detects and blocks the infected device then sends the compromised IP address via
Syslog to Network Sentry. Network Sentry correlates the IP address with its endpoint inventory of every connected device, which includes details such as user name, location (switch and port connection point) and time of connection, to accurately locate the infected device.
Features and Benefits:
Customer benefits
Automated, rapid response: Automatically correlates user, device, and location information with newly or previously compromised device’s IP address for immediate detection and remediation
Auto-quarantine: Upon detection automatically removes or isolates non-compliant or compromised devices from the production network
Reduced Total Cost of Ownership (TCO): Increases security by automatically processing FireEye-scanned endpoints Enforces access policies based on user and device profiles to cut IT management overhead
Integration advantage
- Rapid detection of systems and users
- Fir malware transmission
- Network Sentry applies pre- defined policy to remediate problem
- Supports all brand of network equipment
- Eliminates network blind spot
Use cases
Network Access Control (NAC) support
- Monitor and notify scenario—no automatic enforcement
- Automatic remediation by taking the device off the network completely
Customer win example
Vertical Industry: Oil/Energy
Location: North America
Reason for Integration: Pre connect posture assessment, associating users to devices, building complete network and endpoint inventory.
The FireEye technology identifies post-connect anomalies, notifies and configures Bradford Networks to move the compromised device to quarantine.
Network Diagram:
1 A compromised system connects to the corporate network and attempts to call home
2 FireEye blocks callback
3 FireEye alerts Bradford Networks’ Network Sentry of the infected system
4 Bradford Networks’ Network Sentry correlates IP address user name and device d etails to identify location and then isolate the device
Documentation:
Download the FireEye Bradford Product Solution Brief (PDF).
Download the FireEye Bradford Quick Reference Guide(PDF).