ProCurve 800 Network Access Controller
The ProCurve Network Access Controller 800 combines a RADIUS-based authentication server and the ability to validate the integrity of the systems connecting to the network, allowing network administrators to secure the network from unauthorized users and systems that pose a threat to the network resources.
Management
• Centralized endpoint policy management: endpoint testing policies are centrally managed by a single management server and shared by up to 10 enforcement servers
Performance
• Efficient endpoint testing: typical endpoint testing can be completed in less than 10 seconds, avoiding lengthy wait times as endpoints are connected to the network
Resiliency and high availability
• Enforcement server resiliency and redundancy: enable high network availability for mission-critical LAN deployments; enforcement servers continue to provide authentication and endpoint testing services in the absence of a management server and can be configured in clusters to provide redundancy and load-balancing for endpoint testing
Security
• Built-in RADIUS server: can perform authentication services or act as a proxy server for a remote RADIUS authentication service
Policy management
• Policy-based network access rights: integrate with ProCurve Identity Driven Manager (IDM) and network devices to apply centrally managed network access policies to be enforced at the edge of the network where users and devices attach; allow network administrators to easily create and maintain robust access policies, including secure guest access to appropriate network services, without risk to the network
Product Architecture
• The ProCurve Network Access Controller 800 can be configured to take on different roles in a secure network access solution: Management server: a centralized server that manages and monitors multiple enforcement servers, including the endpoint integrity policies and centralized logging of endpoint authentication and test results, availability, and status; Enforcement server: provides RADIUS-based authentication of endpoints, along with testing of endpoints to evaluate compliance with endpoint integrity policies, policy-based isolation of noncompliant endpoints, and customized user feedback on how to remediate issues; Combination server: a single-server solution that combines the management server and enforcement server roles into a single appliance solution. A combination server only manages the enforcement server that is running in the combination server.