Maintaining data protection is one of the highest demands on today's companies, because nobody wants to get a bad image by having data theft from the company reported in the press. More attention is still paid to protection against access from outside, although statistics repeatedly point out that the majority of espionage comes from the local network. This is where maximum protection must be offered, which can be implemented with minimal effort and without disrupting internal workflows. 

 A Network Access Control (NAC) solution supports the company in this task. ARP-GUARD is quick and easy to implement as it does not require any changes to the existing network structure. It independently learns the devices in the network and graphically displays an overview of the network with the existing switches and routers. 

RADIUS / 802.1X /EAP with and without certificate, MAC based RADIUS, MAC authentication, user-defined set of rules, central dynamic port security system, guest system with self-registration.

Beinhaltet Access, Abgrenzung von Netzwerksegmenten, Dynamische und statische Zuordnung, kryptografisches Fingerprinting, Gäste-System mit Selbstregistrierung.

Beinhaltet Access, Schutz vor Layer 2 Angriffen, Schutz vor fremden und unbekannten Geräten, kryptografisches Fingerprinting, Gäste-System mit Selbstregistrierung.

Includes Access+, VLAN management, cryptographic fingerprinting, protection against Layer 2 attacks, guest system with self-registration.

Almost all internal company information is accessible via your local network. Existentially highly sensitive data of your company! Recipes, construction plans, contracts, patents. 

 ARP-GUARD ensures that users do not use unauthorized notebooks, smartphones or even wireless access points. Our software solution protects your IT infrastructure from third-party devices carrying malware and unwanted access to your intellectual property! Reliable protection for internal LAN and WLAN access as well as protection for Internet access is provided by our security solution. Only authorized devices are granted access to your network by ARP-GUARD! The protection of your network access is covered in real time as well as the monitoring, localization, detection and testing of newly connected devices. Unique identification of a device is a must. The MAC address or certificates (802.1X) are available here. 

 ARP-GUARD works independently of the manufacturer. You do not have to standardize or even renew your existing infrastructure. ARP-GUARD acts as a guardian and observer of your network, enforcing your specific set of rules - your security policy - from a central location throughout the company.

The experts at ISL GmbH have developed a fingerprinting system with and for the ARP-GUARD, which first searches for keys/certificates on the end devices and saves these as a reference value in its database. If the identical device becomes active in the network again, a public key or certificate is downloaded from the end device again and compared with the reference value. If these do not match, the device is removed from the network. In principle, the same session hijacking attacks are possible with fingerprinting as with 802.1X, but here you can easily check other conditions (e.g. based on IP addresses). For end devices that do not support any cryptographic procedures, simple fingerprints can be used based on certain characteristics of the device, so that the security still goes far beyond the MAC address check. 

Fingerprinting is implemented in the ARP-GUARD product and is active in many corporate networks, including over 80 savings banks, which attach great importance to a particularly high level of security.