Network Sentry provides centrally managed access to the network, integrates with user management applications, such as Microsoft Active Directory, and may use agents or remain agentless. The product monitors every edge connection to a network and provisions the appropriate level of network access according to role-based security policies. Using a centralized, out-of-band architecture, the network infrastructure (switches, routers, controllers, access points and more) are automatically discovered, classified and inventoried. For each edge device that attempts to connect to the network, it will be profiled by MAC address to identify the device type. If there is a user on the device, the user is also profiled (employee/managed or guest/unmanaged) before a network connection is provisioned. User identification and classification are achieved by integrating with technologies, such as Active Directory and Bradford Networks' Guest Management registration process.
Network Sentry features the ability to identify non-managed users and devices. By distinguishing the device type and the user on the device - even when the device does not join the Active Directory domain - customers are able to track user activity beyond ID registered into user ID stores. Endpoint compliance also can be performed on the edge devices to assess the endpoint risk posture before connecting to the network. Specific attributes of the devices are checked to confirm the integrity of the configuration (such as operating system patch level) or existence of a mandatory endpoint security application (such as anti-virus). Due to problems with password issues, not enough time was available to test all of the features we would have liked to see. We had to resort to the great wealth of online videos, as well as a helpful support staff.
Implementation was a relatively simple process once the planning was completed. We had the system up and operational in a very short time. Network Sentry is delivered through an appliance, virtual server or cloud service and managed by an excellent web-enabled graphic interface. Installation documentation was easy to follow. We were able to get the initial stages completed rather fast due to the Bradford support team along with the company's strong knowledge base. Admins installing this product should have a sound understanding of network design principles.
Bradford offers an excellent set of support options for its customers with either a fee-based service of $250 per hour, or two levels of support plans: Bradford's gold service at 15 percent of the purchase price for eight-hours-a-day/five-days-a-week support services, or the platinum plan at 20 percent of the purchase price for 24/7 support. Aid is available via phone, email or a customer support portal. In addition, Bradford offers a knowledge base of cases and resolutions along with a FAQ. Support fees (based on the basic cost of the product) are approximately $2,500/year, with product pricing starting at $16,875 for 500 devices managed.
Overall, this is a product worthy of attention for organizations looking to implement a robust network access control program.