Ignition Server—Precision Made Simple
Precise network access control is now possible with Identity Engines Ignition Server™—a state-of-the-art network identity management device with a powerful policy engine to centralize, streamline and secure access across the network.
“…Adding additional switches or access points is a breeze. In fact, it is so easy we added several devices here at SC Lab just because we could.”
—SC Magazine
Ignition Server™ offers a new level of accuracy, with identity- and policy-based control over who accesses your network, where, when, how, and with what type of device.
Easy to deploy and use, Ignition™ is a powerful, scalable foundation for network access control, guest access, secure wireless, compliance, and more.
| |
|
|
|
|
|
|
Frequently Asked Questions
|
|
|
|
| High Availability |
Robust architecture with unmatched fault resistance for maximum uptime. |
| Powerful Standards-Based Policy Engine |
Ignition ensures transparent, consistent enterprise-wide application of access policies that evaluate user, transaction and authenticator attributes. |
| Vendor-Neutral Design |
Easily integrates via open standards, and compatible with systems from a wide variety of vendors. |
| Identity Routing and Virtualization |
Ignition allows you to designate its route to search across multiple user stores for user credentials. |
| Dynamic Session Provisioning |
Assign each user to an appropriate VLAN, based on the attributes of the user or the context of the login. |
| Ignition LiveView™ |
Monitor user sessions across your network resources in real time, based on identity. |
| Hardened Appliance |
Hardened kernel, tamper-detection hardware and the encrypting file system combine to keep your secrets safe. |
| |
Ignition
Server |
Microsoft
IAS |
Juniper
SBR |
Cisco
ACS |
| Guest Services Application |
|
|
|
|
| Ease of Use |
|
|
|
|
| Secure Wireless |
|
|
|
|
| Policy Engine |
|
|
|
|
| Ease of Deployment |
|
|
|
|
| Web Authentication Portal |
|
|
|
|
| Multiple Directory Support |
|
|
|
|
| High Availability |
|
|
|
|
| Identity Based Security |
|
|
|
|
| RADIUS AAA |
|
|
|
|
| Fully supported: |  |
Mostly supported: |  |
Partially supported: |  |
| Marginally supported: | |
Not supported: | |
|
|
|
Protocols and Specifications
- RADIUS Server
- PAP, MS-CHAPv2
- EAP (Extensible Authentication Protocol): PEAP, EAP-MD5, EAP-MSCHAPv2, TLS, TTLS, GTC
User Stores
- Microsoft Active Directory 2000 and 2003
- Sun Java System Directory Server 5
- Novell eDirectory 8.7
- Embedded User Store
RFC Compliance
- RFCs 1320, 1321, 1994, 2548, 2716, 2759, 2865, 3579, 3748
- IETF Draft: ”Protected EAP Protocol (versions 0, 1, 2)
- IETF Draft: ”Microsoft EAP CHAP Extensions
Security
- Hardened operating system
- Encrypted file system with encrypted backups
- PKI-based encryption
- Hardware tampering and intrusion detection
- Secured connectivity with user interfaces
Dimensions
- 1U rack mountable appliance
- 53.34 cm (21") D X 43.18 cm (17") W x 4.39 cm (1.73") H
- Weight: 14.06 kg (31 lb)
Hardware Components
- 64-bit high performance CPU
- 160GB disk drive
- Universal power supply (100–240VAC @ 50–60Hz)
- (4) 10/100/1000 RJ-45 connectors
Environmental Requirements
- Temperature: 5°C (41°F)–35°C (95°F)
- Humidity: 10%–100% non-condensing
How is Ignition Server different from a regular AAA Radius server?
Other RADIUS servers on the market today do not include powerful, flexible policy engines, nor is their integration with backend directory stores sufficient to extract key user information for authorization decisions. In order to securely scale for network growth and solve key network access and compliance issues, including authorization and integration with multiple directories, companies need a more robust solution than what has traditionally been offered.
How does the solution work?
Identity Engines is the first to bring identity awareness to the network access control decision, so access decisions are made based on the assigned privileges for that particular user, in addition to the device they are using, their location and any other relevant attribute. Ignition Server accomplishes this by integrating a flexible policy decision service with directory virtualization layer back-end and a RADIUS protocol front end. This enables identity attributes and groups to be used to determine and respond to network authentication requests. This enables any network component such as switches, routers, wireless access points, VPN concentrators, firewalls to make intelligent access decisions based on the identity of the user and their relationship with the organization.
Is Ignition Server compatible with the equipment in my network?
Ignition Server is a standards-based solution that supports RADIUS and can easily be integrated with equipment from all major vendors including Cisco, Nortel, Juniper, Extreme, Foundry, Aruba and Trapeze.
How does Ignition Server integrate into my existing network?
Ignition Server integrates with most network equipment using RADIUS as main communication protocol. In addition, Ignition Server Ignition includes the ability to dynamically set network access based on identity and policy. Ignition supports standard RADIUS attributes as well as Vendor Specific Attributes (VSAs) for the ultimate flexibility as required to integrate with most networks.
Still have unanswered questions? Let us put you in touch with a solutions specialist today that can answer all your questions about the Identity Engines Ignition Server.
|
|
