Making Third-Party Products Work Better Through Contextual Intelligence
IdentityConnect is a software-based product that integrates with third-party network management systems (such as Exinda, iboss, and Palo Alto) to enable identity-based policies for BYOD, guest, managed, and non-browser network devices. The product uses Impulse’s Contextual Intelligence™ technology to correlate information from across the network on identity/role, device type, and location (along with other attributes such as ownership and compliance status) over time.
Based on its unique vantage point on the network, IdentityConnect™ is able to track these device attributes (aka Contextual Intelligence) as they traverse the network in real-time. This allows the solution to provide identity-to-device visibility within BYOD and guest environments to network management providers—allowing those products to work better.
What this means is that IdentityConnect is able to follow devices (in real time) as they traverse your network. Eliminating repeated log-in prompts for your users; and giving third-party products accurate and continuous information.
Impulse provides the ability to not only automate the enforcement of security and compliance policies, but also gathers a wealth of context-aware device information so you can make informed and intelligent decisions about your network. Impulse’s Contextual Intelligence™ technology delivers real-time device information that correlates identity/role, device type, and location (along with other attributes such as ownership and compliance status) over time.
Information gleaned “in context” regarding mobile devices on the network (both real time and historically) allow IT managers to make better decisions on network capacity, risk mitigation, and forensic analysis required for addressing compliance. Accessing real-time contextual information also reduces the number and length of help desk calls by improving the end user experience. Click here to learn more.
IdentityConnect™ is delivered on a virtual software appliance and offered as an annual or multi-year subscription service through Impulse Approved Partner Resellers at a fraction of the cost of existing network access control system alternatives. Contact us for more information.
The BYOD Management Challenge
The Bring Your Own Device (BYOD) phenomenon has introduced a major blind spot for next-generation products when it comes to associating user identity to non-AD domain managed devices. This includes employees, students, faculty, guests, and contractors who require access to network resources using their personally-owned mobile devices.
Additionally, the ever increasing mobility trend results in frequent IP address reassignments as users move on and off the network and from one wireless network zone to another. These constant changes also limit the ability to successfully track AD Domain managed devices, creating another visibility blind spot. Therefore, the IP address is no longer an acceptable mechanism for monitoring and controlling user activity for BYOD, guest and AD domain managed devices.
Organizations need a cost-effective solution that can associate a device’s attributes with its IP address in real-time to enable next-generation firewall, web content, and bandwidth policies by user identity (group), device type, and ownership (whether a device is corporate- or personally-liable).
Read More About It
“IdentityConnect enables Exinda’s Network Orchestrator to build enhanced user policies for non-AD managed devices such as phones and tablets that can address the BYOD challenge faced by many K–12 schools, colleges and universities,’” says Kevin Suitor, vice president of product management for Exinda. “The joint solution will ensure that all policies and quotas remain in place even as a user moves from one wireless network to another.”
“Alliances such as our partnership with Impulse are critical to combating today’s complex and sophisticated cyber threats, because the sharing of technology elevates the cybersecurity posture of all our customers. We look forward to a continuing atmosphere of cooperation where technology silos become a thing of the past,” says Peter Martini, iboss COO and co-founder.
Palo Alto Networks
“The future of the IT security industry is integrations and product coexistence. Impulse is ahead of the curve by integrating with next-generation firewalls, like Palo Alto Networks,” says Derek del Barrio, president of Solid Border, a Palo Alto reseller. “IdentityConnect enables Palo Alto to maintain accurate user identity for all devices on the network.”
End User Self-Service Portals
IdentityConnect integrates with third-party technology from providers like Exinda, iboss Cybersecurity and Palo Alto Networks to provide the following End User Self-Service Portals:
- User Authentication Portal. Captures user identity, AD/LDAP group membership, and ownership for users that have existing organization directory credentials (username and password)
- Comprehensive Guest Access Self-Enrollment Portal. Assigns identity and role to guests users based on their function (guest, vendor, contractor) without help desk involvement.
- Network Device Self-Registration Portal. Associates identity and role with non-browser network devices (gaming, media, printers)
- Assign policies based on contextual intelligence attributes (identity, location, time, ownership, and security compliance) for AD domain managed, personally-owned (BYOD), guest, and non-browser network devices.
- Single Sign-On (SSO) support for secure wireless 802.1X-WPA2E and AD domain authentication mechanisms which eliminates the need to repeatedly prompt users with a captive log-in portal page to gain identity.
- Authentication persistence for one-time or periodic authentication that prevents captive portal fatigue
- Flexible annual and multi-year subscription pricing; no additional upfront charges
- Real-time and historical contextual intelligence-based reporting
- Easy-to-deploy and supported by a cloud managed service
- Enhances existing investment in third-party product technology
Common Use Cases for IdentityConnect
- Assign web content access policies by user identity group (VIP, faculty, student, or guest).
- Assign bandwidth policies based on user role, device type, ownership, location, and time per device.
- Report on data consumption by user and group.
- Throttle bandwidth for a specific user and group.
- Assign application usage policies per device based on :
- User Group (executive, human resources, sales, faculty, student, vendor, guest)
- Ownership (corporate- or personally-liable)
- Device Type (laptop, iPad, mobile phone)
- Location (HQ, remote office, dormitory, public Wi-Fi, library)
24/7 Proactive Maintenance and Support Services
Impulse products are delivered as an operationally managed service. The health of the system is monitored from the Impulse Support Center and Impulse is responsible for delivering all necessary hardware and software maintenance, problem determination and resolution, and ongoing feature enhancement. Click here to learn more about our managed support services.