Home Page | Skip to Navigation | Skip to Content | Skip to Search | Skip to Footer

OPSEC Partners

ConSentry Networks

Product Version Certified: LANShield version 2.2
Certified for use with: ICS 4.0

Product Description: The LANShield Controller provides NAC and a whole lot more without having to redesign your network. It also provides real-time threat control, LAN visibility like you've never seen it, and post-admission access controls to segment users without managing complex and cumbersome ACLs and VLANs. LANShield is fast, simple, and cost-effective LAN security.
 
Key Features and Benefits
OPSEC Integration		 Clear
 
Company Description: ConSentry Networks delivers a holistic approach to LAN security ensuring that only the right people get onto the LAN, they access only the information they should, and worms and other attacks do not take down the network.

ConSentry takes you beyond NAC by providing identity-based access controls, zero-day threat containment and layer 7 visibility that fits into your existing LAN without a redesign or upgrade. Simple, economical and wire-speed.

Founded in 2003, ConSentry is based in Milpitas, California and has received funding from Accel Partners, DAG Ventures, INVESCO Private Capital, and Sequoia Capital. For more information visit their website.
 
Key Features and Benefits

ConSentry has developed the LANShield Controller to make it easy for IT to embed security directly into the LAN infrastructure. The Controller provides the full set of capabilities needed to protect enterprise assets:

  • Network Admission Control (NAC) – authentication and posture check to control who can enter the LAN

  • Visibility – incident- and exception-based information at Layer 7+, tied back to the user identity

  • User access control – user/role-based access controls to segment users or groups without using complex and cumbersome ACLs and VLANs.

  • Threat control – block propagation of worms and other malware in real-time to prevent network meltdown

The ConSentry LANShield silicon architecture provides the foundation for the LANShield Controller's capabilities. This custom hardware includes a 128-core processor and two programmable ASICs that work together to perform deep packet inspection at 10 Gbps. The programmability of the hardware enables ConSentry to keep pace with changes in applications and security requirements.

Deployment – Transparency, High Availability, IT Initiatives
The LANShield Controller sits between access switches and the distribution or core layer, aggregating uplinks from the wiring closets and enforcing access policies on all traffic. A transparent device, the LANShield Controller requires no changes to network design or user behavior, simplifying deployment and IT’s cost of operations.
 
OPSEC Integration
Using Check Point's Integrity Clientless Security (ICS) technology, ConSentry LANShield Controllers analyze and act upon an endpoint's current security posture before granting clients full network access. By scanning clients as they connect to the network, insecure or compromised systems are shielded from the production network until they have been properly cleaned and protected.