 |
» |
|
|
|
|
|
|
|
|
|
|
|
Overview
|
|
|
HP Identity Driven Manager (IDM), a plug-in to HP PCM+, dynamically provisions network security and performance settings based on user, device, location, time, and endpoint posture. Identity Driven Manager provides network administrators with the ability to centrally define and apply policy-based network access rights that allow the network to automatically adapt to the needs of users and devices as they connect, thereby enforcing network security while providing appropriate access to authorized network users and devices. Identity Driven Manager is a powerful tool that allows network administrators to efficiently manage the users and devices connecting to their network.
Features
|
|
|
| • |
Traffic prioritization: can be automatically applied for each session based on user, device, location, and time of day, allowing appropriate prioritization of network traffic |
| • |
Rate limiting: inbound and outbound rate limits can be automatically applied to a session in order to limit the impact of lower-priority connections and reserve bandwidth for important business use |
| • |
Policy-based network access rights: network access policies specifying network security and performance are defined based on the user, time, location, device, and endpoint posture and then dynamically enforced at the edge of the network, where users and devices connect |
| • |
Automatic VLAN assignment: users can be automatically assigned to the appropriate VLAN based on their identity, device, device posture, location, and time of day |
| • |
User-based access control lists (ACLs): users can be allowed or denied access to network resources (e.g., servers, printers) based on the destination IP address or a range of IP addresses, and/or to network services (e.g., Web pages, instant messaging, or FTP) based on well-known or user-defined TCP/UDP ports |
| • |
Endpoint posture awareness: when used with an endpoint integrity solution such as Microsoft Network Access Protection (NAP) or the StillSecure Safe Access solution, access policies can be based on the posture of the endpoint connecting to the network, allowing noncompliant endpoints to be isolated until they comply with organizational policies |
| • |
HP network management solutions: HP PCM Plus: IDM is delivered on the HP PCM+ Secure Domain Architecture, which delivers increased scalability and security. HP Network Immunity Manager: IDM delivers enhanced integration with HP Network Immunity Manager, which monitors the network for threats and applies policy-based mitigations to offending endpoints or users; IDM and NIM work together to provide consistent and effective network security. |
| • |
RADIUS authentication servers: integrates with standard RADIUS authentication servers, including Microsoft Network Policy Server (NPS), Microsoft Internet Authentication Service (IAS), and FreeRADIUS on Linux platforms, enforcing network access policies through RADIUS authentication and authorization |
| • |
Microsoft Network Access Protection (NAP): cooperates with Microsoft NAP, bringing together NAP endpoint health status with IDM network access policy enforcement |
| • |
User directory integration: Microsoft Active Directory: connects to Microsoft Active Directory, automatically mapping Active Directory group membership to IDM Access Policy Groups; changes made in Active Directory are reflected in IDM so that user management occurs in one centralized place. LDAP directories or XML files: user and group membership can be imported from an LDAP directory or XML file . |
| • |
Simple Network Access Control: Self-registration: reduces administration effort by enabling end users to add themselves to the access control database; user's access is validated via an Active Directory; no additional software is required on end-user systems. Auto-allow groups: devices such as IP phones, printers, and certain uncontrolled devices can be given network access and segregated by device type. |
| • |
Graphical user interface (GUI): IDM provides a powerful GUI for defining network access policies and monitoring users on the network; administrators can quickly see which users are currently on the network and easily drill down to know where and when they connected |
| • |
Secure access wizard: simplifies the process of configuring system components by walking administrators through security configuration on network devices as well as configuring the authentication server with the list of these devices |
| • |
Agent auto-update: simplifies updates to the software system by automatically updating the IDM agents when the IDM server is updated |
| • |
Auto-discovery of solution components: RADIUS servers with IDM agents, RADIUS realms, and users are automatically discovered and assigned to a default policy group for the administrator's attention |
| • |
Electronic and telephone support: limited electronic and telephone support is available from HP; refer to www.hp.com/networking/warranty for details on the support provided and the period during which support is available |
| • |
Software releases: refer to www.hp.com/networking/warranty for details on the software releases provided and the period during which software releases are available for your product(s) |
|
|
HP's WEEE registration number is WEE/EJ0076US
This means that HP is a registered producer under the Waste Electrical and Electronic Equipment Regulations 2007. Read more about recycling your old IT equipment
HP is committed to providing our customers with information about the chemical substances in our products as needed to comply with legal requirements such as REACH (Regulation EC No 1907/2006 of the European Parliament and the Council). A chemical information report for this product can be found at: www.hp.com/go/reach. |
|
|
Printable version
