| |
Additional information
-
Integration:
-
Dynamic and automatic synchronization of managed users from the authentication database Identity Driven Manager provides administrators with the ability to synchronize users from Active Directory.
-
Mapping of groups from the authentication database When synchronizing Identity Driven Manager from the authentication database, Identity Driven Manager will map the user's group to an access policy group (APG) with the appropriate policies.
-
Import users from an XML file If current user data is not kept in an LDAP-compatible data store, Identity Driven Manager can read users and group membership from an XML-formatted file.
-
Works with industry-standard RADIUS protocol Access policies are set based on RADIUS authentication, so customers have a choice of authentication database and a reliable, time-tested technology for authentication.
-
Security:
-
Dynamic access rules based on time, location, and user system are formed by administrators and dynamically applied Access-policy communities have rules that are applied to each user in the community based on the time, location, and user system. These dynamic inputs are evaluated and the policies applied according to the user's profile, so the appropriate access policies are applied at the right time and place.
-
Automatic VLAN assignment Users are automatically assigned to the appropriate VLAN based on their identity, community, location, and time of day.
-
Integrity state checking Identity Driven Manager will receive an indicator of the client's state of health from the client system's security agents (third parties). These third-party clients will perform integrity checking and report it to Identity Driven Manager in the standard RADIUS data stream.
-
User-based access control lists (ACLs) Users can be allowed or denied access to network resources (i.e., servers, printers) based on the destination IP address or a range of IP addresses, and/or to network services (i.e., Web pages, instant messaging, or FTP) based on well-known or user-defined TCP/UDP ports.
-
Performance:
-
Traffic prioritization Traffic prioritization (QoS) is automatically set for the user based on identity, community, location, and time of day.
-
Rate limits Rate limits are automatically applied to user traffic based on identity, community, location, and time of day.
-
Ease of use:
-
Auto-discovery of identity objects RADIUS servers with IDM agents, RADIUS realms, and users are automatically discovered at login and assigned to a default policy group for the administrator's attention.
-
Grouping of users into access-policy communities Identity Driven Manager allows administrators to group users into access-policy communities to apply policies.
-
Resiliency and high availability:
-
The Identity Driven Manager agent can run independently and be deployed to redundant RADIUS servers The Identity Driven Manager agent can be deployed to each RADIUS server in the network. The agents are able to operate independently from the Identity Driven Manager server, allowing Identity Driven Manager to be deployed to multiple redundant RADIUS servers providing authentication services for network devices.
-
Identity Driven Manager updates the server with transactional resilience The Identity Driven Manager agent uses a transaction process to update Identity Driven Manager server data. If the connection from the agent on the RADIUS server to the Identity Driven Manager server is broken, the agent will queue the data until the connection is restored and then transmit the data, as appropriate, back to the Identity Driven Manager database.
-
Device support:
-
ProCurve intelligent edge switches 5400zl series, 5300xl series, 3500yl series, 3400cl series
-
ProCurve traditional edge switches 6108, 4200vl series, 2800 series, 2600 and 2600-PWR series, 2500 series
-
ProCurve wireless access points 530 AP, 420 AP
-
ProCurve wireless edge services Wireless Edge Services zl and xl modules
-
ProCurve Secure Access Access Control Server 745wl, Switch xl Access Controller Module
» Return to top
|
 |
|
