- 3000 end-systems
The Identity and Access appliance controls endpoint authentication, security posture assessment and network authorization. For authentication services, the Identity and Access appliance acts as a RADIUS proxy, or RADIUS server for MAC authentication, which communicates with the organization's RADIUS authentication services. The Identity and Access appliance supports 802.1x (extensible authentication protocol), MAC, web-based and Kerberos Snooping (with certain restrictions) authentication. For endpoint assessment, the Identity and Access appliance connects to multiple security assessment servers. For authorization services, the Identity and Access appliance communicates RADIUS attributes to the authenticating switch. This allows the switch to dynamically authorize and allocate network resources to the connecting endpoint based on authentication and assessment results. The Identity and Access appliance also stores NAC configuration information and the physical location of each endpoint. It easily scales to support redundancy and large NAC deployments.