Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
在此页面上
 

瞻博网络 Mist Access Assurance 概述

瞻博网络 Mist Access Assurance 是一项基于云的高级网络接入控制 (NAC) 服务,通过向设备和用户提供基于身份的网络访问来保护您的无线和有线网络。使用此服务,您可以控制可以访问您网络的人员和内容。您可以设置简单的规则来允许或拒绝对不同类型的设备(例如访客、公司设备以及生成 IoT 和 BYOD 流量的设备)的访问。该服务在让用户和设备连接到网络之前检查用户和设备身份。该服务对启用 802.1 的设备使用 802.1X 身份验证,对非 802.1X 设备使用 MAC 身份验证旁路 (MAB) 验证。

观看以下视频,快速了解 NAC 如何随时间变化以及它今天的样子:

various network access control solutions. We'll look at the evolution of the NAC use cases as they emerged over the past 20 or so years. We'll also look at the evolution of various NAC products. In particular, we'll look at the Cisco ISE engine. We'll also look at the Aruba ClearPass.

If we look at the 2000s, back then we really only had corporate access use cases where we actually connected workstations to our networks. They were primarily wired. Very few of them were wireless. Back in the day, Cisco ACS was number one AAA server or RADIUS server on the planet, and it actually started from a case where it was actually an authentication platform for dial-up modem users back in the day.

Later on, in 2007, Apple introduces an iPhone.

This is where we see guest access use case emerging. And followed by that, we see Cisco introduces new platforms or new applications that are standalone servers for a NAC profiler in that guest in response to that guest access use case appearance. In the same time, we see Amigopod emerge as the new company that tries to address that same guest use case.

Well, what we then see is, in 2010, Apple introduces Apple iPad, and with that, we see an emerge of BYOD use case. Now, employees started to bring their iPhones and iPads and other tablets and phones to their enterprise, and they wanted to get access to the network. At that time, Aruba came in, and Aruba actually acquired Amigopod, and Aruba also acquired Avenda, a company that was doing profiling just to address that guest and the BYOD use case as well.

So at that point, Cisco came into the picture and says, OK, we are actually introducing a new product called Cisco ISE, or identity service engine. And what is a Cisco ISE? Cisco ISE is actually a combination of Cisco ACS profiler and guest. So we are combining the three standalone servers into one server.

2011 and 2012, we see ClearPass emerging.

What is a ClearPass? ClearPass is a combination of Amigopod, Avenda, and a new .1x authentication server that was part of the ClearPass-- again, same picture.

What we see after that-- after that, we see a new trend, which is an introduction of the cloud-based identity-as-a-service products, namely Microsoft Azure and Okta Identity Services.

At that time, it's just a trend. It's still a slow adoption, but that's when it all started. In 2015, we see yet another trend. That's IoT.

So we have now four use cases. We have CORP, Guest, BYOD, and IoT, with IoT growing exponentially over the past couple of years.

What we see since then?

Well, we actually see Cisco updating ISE to version 2.0, 3.0. ClearPass gets a lot of upgrades. But fundamentally, the architecture has never changed since the early 2011 and 2012.

观看以下视频,了解瞻博网络 Mist Access Assurance 如何基于 Mist AI 构建的现代云服务提供 NAC:

Legacy NAC solutions are brittle and obsolete. They place a burden on a customer to deploy and manage on-premise hardware, manually scale, design for high availability, and manage software upgrades and security patches, leaving network administrators scared to make changes. IT wants a cloud solution with visibility to the end-to-end user experience across the network based on identity and policy at scale.

Now for the first time, Juniper Mist Access Assurance natively integrates network operations under one cloud. Access Assurance gives you access management, policy creation and enforcement across the network in a familiar interface. How easy is integrated cloud network access management? Configure authentication policy rules.

Enable the Mist Access Assurance service with just a single click. It is that simple. See how easy it is to identify access issues.

Built on Mist AI, Access Assurance validates the end-to-end client connectivity experience across the entire network. AI-powered automation simplifies operations and delivers a better user experience. Like the rest of the AI-driven enterprise portfolio, Access Assurance uses Juniper's proven cloud microservices architecture, no hardware required.

So you become operational right now. Our smart connectors allow you to get additional context from external identity sources, MDM providers or XDR solutions. And our geo-aware authentication service reduces latency and boosts availability.

And Marvis, our AI-driven virtual network assistant consumes data from both the network and the authentication service to provide unprecedented contextual insights to detect and resolve problems before anyone notices. Now, network administrators have a near effortless way to manage the network and access control, natively integrated into the Mist cloud. Unlock the most powerful AI-driven Access Assurance service available today.

Juniper Mist Access Assurance, driven by Mist AI.

特征

  • 微服务架构,可确保高可用性和可扩展性,以支持全球级别的大型部署。
  • 地缘关系,用于自动连接到接入点并交换机到最近的身份验证服务端口
  • X.509 证书管理,通过高效的数字证书处理维护网络可信度
  • 802.1X 和非 802.1X 身份验证,确保多功能网络安全
  • 网络策略和微分段有助于实现有针对性的流量控制和威胁遏制。
  • 与外部目录服务集成,如 Google Workspace、Microsoft Entra ID(以前称为 Microsoft Azure Active Directory)和 Okta Identity
  • 第三方支持与非瞻博网络基础架构兼容
  • Marvis 虚拟网络助手,提供人工智能驱动的网络洞察、诊断和故障排除

好处

  • 用户体验可见性 — 用户体验可见性 — 从单个仪表板管理网络运维,例如监控端到端用户连接和排除网络问题。
  • 管理和运维的单一管理平台 — 在瞻博网络 Mist 门户上高效执行日常访问保证任务,该门户在一个仪表板中提供全栈管理功能,实现端到端的运维可见性。
  • 无缝入网 — 使用 802.1X 或 MAB 验证方法轻松入网有线和无线设备。
  • 简化的管理 — 借助我们地理位置分散的云身份验证服务,您可以消除对独立身份验证、授权和计费 (AAA) 服务器的依赖。此服务可自动更新到最新的软件补丁,而不会造成服务停机。
  • 统一策略 — 轻松为有线和无线客户端创建身份验证策略,取代传统的复杂 AAA 配置。