Great Bay Software, the industry leader in Endpoint Profiling, has been selected by Randolph-Brooks Federal Credit Union, one of the strongest credit unions in the country, to assist in the network discovery phase of deploying a Network Access Control solution. Great Bay’s flagship product, Beacon Endpoint ProfilerTM, is providing RBFCU with a real-time, contextual inventory of all network-attached endpoints. Further, RBFCU will rely on Beacon for ongoing Endpoint Identity Monitoring of more than 35 remote sites within the credit union network.
Press Release, Feb. 2011
Please Click to Download Full Release]]>
One of the most important responsibilities of any municipality is to protect and distribute safe drinking water. Like most municipal functions today, our ability to do this depends on having reliable, secure information networks.
National Professional Journal of MISA/ASIM Canada
November, 2012, Vo. 19, No. 5
Inability to detect and eliminate rogue endpoints such as wireless LAN access points, devices brought from home, hubs, devices added to conference rooms, etc. Detecting rogue endpoints is central to auditors’ approach today and while this problem space is currently referred to as BYOD, the challenge is far broader than whether someone wants to bring their iPad to work. Further, the focus on wireless networks is only the first audit finding. As soon as this one is addressed that same auditor will submit a new finding; this time for the wired network.
Automatically generate and maintain and comprehensive database of all wired and wireless endpoints. Detecting rogue endpoints is critical as opposed to just detecting rogues in the wireless domain. After all most rogue access points in the enterprise network are connected via an Ethernet cable so that they can provide WLAN services to the user(s). Devices brought from home can also be detected on the wired and/or wireless networks and can be differentiated from devices belonging to the enterprise because of membership in Active Directory, participation in enterprise services such as patch management, or registration in a Mobile Device Management system.
Inability to detect, and defend against, MAC address spoofing. This is a favorite tactic for auditors and penetration testers; copy the MAC address of an enterprise device such as a printer (whose MAC address can be found on a test page or on the sticker on the back of the printer) and gain network access. They might not be able to do much, but they can ‘see’ a lot.
Continuously monitor the behavior and machine-centric attributes of network endpoints and be able to detect changes in behavior and respond either by resetting that devices connection to the network, sending an event to a SIEM platform, or removing that device from the network entirely. Great Bay has been helping customers cure this particular audit finding for years and in most cases the deployment of Beacon is the only activity undertaking between the issuing of the audit finding and the resolution.
Inability to detect wireless access points and devices brought in by employees on the wired network. Many of the most well known IT security compromises; the ones where company’s lost vast amounts of money, have one thing in common; they all involved the placement of a device in the network to perform the desired task via an Ethernet cable. Today’s wireless networks are very commonly well secured relative to the wired network. Conference room ports, guest cubes, ports left unoccupied as a result of upgrades or replacement of devices, there are countless opportunities to add devices without the consent of IT. Many of these are non-malicious (gaming systems, security cameras, departmental marketing, etc) but all can result in an Audit finding when the questions commence about how you monitor and secure the network edge.
Differentiate enterprise-owned endpoints by aggregating information from multiple sources in the IT system such as AD, MDM, network management, and network behavior to construct a database of all enterprise endpoints. Once established, existing change control systems and work flows are leveraged for the addition of Access Points to the network while all other WLAN endpoints are detected and either disconnected from the network or become the source of notification and event data. Importantly, this solution detects devices on the wired and wireless network and not just those that exist in the RF space. The explosion of wireless LANs has rendered information from RF only solutions difficult to quantify and less important since those devices are not necessarily on the network. Beacon, meanwhile detects devices that are actually on the network, which is the data required to actually differentiate between wireless endpoints that happen to share the same RF space from those that are being leveraged to access enterprise services.]]>
Data from traditionally network-centric sources is combined with information from sources such as Asset Management, enterprise management and monitoring systems, and HR systems to provide comprehensive answers to what, who, where, and when is occurring in the enterprise. The ROI for Beacon is immediately apparent, with increased efficiency in help desk operations, incident response, and audit / compliance data that represent real cost savings and risk reduction.]]>
Independent of how long it is in place, or how many phases are defined, MAC Authentication makes sense as a Phase 1 deployment towards the goal of 802.1X and/or NAC.
Benefits of this approach include:
IBM’s Security Intelligence Partner Program (SIPP) Enables Companies to Better Provide Advanced Endpoint Security Intelligence to its Customers and Partners.
Dover, NH—November 13, 2012—Great Bay Software Inc., the innovator of Endpoint Profiling and Discovery for Enterprise Networks, today announced that it has been certified by Q1 Labs, an IBM company and global provider of security intelligence solutions, for its Security Intelligence Partner Program. The integration of Great Bay’s Beacon Endpoint ProfilerTM solution leverages IBM’s QRadar Security Intelligence Platform and enables more powerful correlation of security events and endpoint profiling data – ultimately facilitating endpoint security for all network attached endpoints.
The IBM QRadar Security Intelligence Platform is an integrated and automated IT security solution that provides complete, 360° security intelligence across the network. QRadar will collect, analyze, report on, and store Great Bay’s Beacon Endpoint Profiler data in a central, federated console.
IBM’s Security Intelligence Partner Program enables its partners to:
“We have completed the testing as part of the SIPP certification process which ensures interoperability between Great Bay Software’s Endpoint Profiler solution and the QRadar Security Intelligence Platform,” said Matt Ward, Senior Product Manager, IBM. “The information gathered by Endpoint Profiler provides QRadar with a comprehensive view of the endpoint to enable powerful analytics – identifying specifically unauthorized and non-compliant systems that pose a security risk.”
Great Bay Software’s Beacon Endpoint Profiler is the reference standard for Endpoint Profiling, Network Endpoint Discovery,
Rogue Detection and Identity Monitoring of enterprise endpoints.
In addition, Great Bay’s technology enables the rapid and successful deployment and management of 802.1X and Network Admission Control (NAC) systems. By solving critical challenges at the time of deployment and improving the operational efficiency of all endpoint security systems.
Great Bay’s Beacon Endpoint Profiler and Device Sponsorship are critical components of pre-deployment discovery, deployment time risk avoidance, and ongoing operational efficiency of maintaining an authenticated system.
“Great Bay Software, Inc. is pleased to join IBM’s Security Intelligence Partner Program. Our Beacon Endpoint Profiler, combined with QRadar Security Intelligence Platform, allows enterprise organizations to correlate information detected at the core of the enterprise with the details of the endpoints at the edge of the enterprise LAN,” said Steve Pettit, President, Great Bay Software, Inc. “This level of data assimilation will lead to a more efficient IT and IT Security operation and reduce the risks related to rogue endpoints connecting to the network.”
For more information about the Security Intelligence Partner Program, please visit http://q1labs.com/partners/security-intelligence-partner- program.aspx.
About Great Bay Software, Inc.
Great Bay Software, Inc. is a software development firm specializing in Enterprise Endpoint discovery, identity, and 802.1X. The company’s flagship product, Beacon Endpoint Profiler, features applications that include the enabling and extending of NAC and 802.1X, providing a comprehensive inventory of all network attached endpoints, and supporting compliance initiatives mandated in today’s business climate. For more information on the Beacon Endpoint Profiling system from Great Bay Software, please visit www.greatbaysoftware.com or call +1(603)766-6124.]]>