1. portnox.com
Portnox’s Network Access Control (NAC) Platform traverses all network layers - physical, virtual or in the
cloud - to illuminate, visualize, analyze and control all connected users and devices. With an agentless
and appliance-less architecture it easily scales across major sites, remote offices, BYOD environments
and the Cloud requiring no changes to network infrastructure. It’s unmatched ability to reach every
fragment of the network regardless of layer or location results in the most accurate and real-time view of
an organization’s network enabling smarter, more productive and secure decisions.
The Unique Advantages of Portnox
Boundless
No Appliances
Portnox does not require any appliances (virtual or physical) and
is very easily implemented without the need for network topology
changes, port mirroring or mapping.
Coverage For All Network Layers
Beyond the traditional Ethernet and wireless, Portnox extends
to provide policy on VPN connections, Virtual infrastructure
(datacenter or Virtual Desktop Infrastructure [VDI]) as well as
BYOD and Cloud environments.
Coverage Across All Network Locations
Portnox works with existing networking equipment allowing it to
extend effortlessly across an organization’s entire geography -
major sites and remote locations alike.
No Agent Software and Coverage for All IP Devices
Portnox provides full functionality without the need for any agent
software to be installed on connecting devices allowing for a
far simpler deployment and tighter security policies with less
exceptions in place for unique/esoteric devices. To achieve
this, Portnox leverages 20+ profiling and authentication profiles
including a proprietary signature mechanism. No open source
tools such as NMAP or MAC address based profiles are used.
WITH PORTNOX YOU CAN:
• Get to know who, when, how and
where devices and users are taking
part of your network
• Monitor all access and identify
each connecting device, user and
location
• Enforce location based access
policy
• Enforce corporate security &
ensure regulatory compliance
• Regain the control of your virtual
domain
• Maintain granular access control at
the level of the access layer
• Contain infected and rogue devices
• Achieve comprehensive network
hygiene
DATA SHEET
Think again.
THINK YOU KNOW
YOUR NETWORK?
2. USA tel. +1.855.4portnox | usinfo@portnox.com | 623 Eagle Rock Avenue, Suite 396, West Orange, NJ 07052
UK tel. +44.1273.256.325 | dotell@portnox.com | 5 Albourne Court, Henfield Road, Albourne, West Sussex BN6 9FF
ISRAEL tel. +972.9.957.9889 | fax.+972.9.950.9879 | tellus@portnox.com | Elbe House, 33 Ben Gurion St., Herzlia 46785
Smart
Control All Connected Devices
In contrast to existing NAC solutions which scan
pre-defined IP scopes, thereby ignoring any device
utilizing a different IP address, Portnox monitors all
connected devices by communicating directly with
all switches, wireless controllers, VPN gateways and
virtual hosts. No stone is left unturned.
Intelligent Security Policies
By leveraging this unique ability to scale across all
layers, all locations and all devices Portnox provides
security policies that are far more agile, advanced and
practical than the typical NAC solutions. This greatly
minimizes false disconnections providing a more
sensible balance between productivity and security.
Location!, Location!, Location!
Since Portnox interacts directly with the switching
equipment, it factors the physical location of the device
into the security equation. This results in a far more
logical and secure policy that correlates the identity of
the connecting device and user to each decision. The
benefits of this approach cannot be overstated and
they apply to almost every decision Portnox can make:
• The physical location of the port or device can
translate into the security policy thus enabling
far stronger policies in sensitive areas such as
datacenters, executive offices or production/factory
floors without creating false disconnections in less
sensitive areas such as lobbies, conference rooms,
etc.
• Exceptions for devices with limited ability to
authenticate/communicate are always ring-fenced to
specific physical locations in the network. Imagine a
rule allowing IP cameras or thermostats to connect.
By factoring their physical location, Portnox ensures
they cannot be removed, duplicated or mimicked
without detection.
Prior Behavior or ‘Credit Score’
For NAC policies to be effective, they must require
connecting devices to meet varying levels of
compliance. On average and even in the best
managed environments every device will fail
compliance every 12-18 months for a myriad of
perfectly valid reasons. Rather than immediately
disconnect a potential innocuous device for a simple
compliance infraction, Portnox can factor its prior
Scale
Super Lightweight Policy Enforcement Points
Portnox Knoxer™ is a propriety and lightweight software
designed to carry out Portnox’s policies and controls in
remote locations. Knoxer can be easily virtualized or set
to run on a standard thin-client PC. It removes the needs
for costly, replicated, remediation infrastructure and
provides enterprises with an easily and cost-effectively
means of scale their NAC deployment.
Versatile Licensing
Portnox’s licensing is in direct correlation to the
infrastructure allowing it to logically scale as the
organization grows. There are no fees for additional
Portnox servers or Knoxers and both can be natively
virtualized on any common virtualization platform such
as VMWare or HyperV. This allows organizations with
complex and fragmented networks the greatest agility
and flexibility in controlling their networks and policies.
Easily Integrated and Extensible
To ensure easy integration with an organizations existing
SIEM/SOC as well as other dashboards, Portnox ships
with a mature set of tools including CLI, Web Service
APIs and troubleshooting utilities.
Role Based Administration
Portnox has a flexible policy for allocating customized
administrative rights to the various roles at a company
responsible for managing Portnox. This means that
a helpdesk employee could be granted the rights to
shut down or enable a single port, whereas a network
or system administrator could be given more policy
orientated rights (such as configuration of corporate
security policies, VLAN assignments, etc.)
“The Portnox system enables us, on one hand to pinpoint
the access to the network at the single access point
(port) and on the other hand it gives us the reach of
a granular oversight which provides a management
interface for each department.”
Mr. Itzik Cohen - Chief of IT and Infrastructure
El Al Israeli Airlines
DATA SHEET / UNIOQUE ADVANTAGES