eTIPS 5000 Series v3.0
Strengths: Great user interface and we liked the guest portal and policy simulator. Reporting drill down and dashboard were strong
Weaknesses: Could take some time to set up, with configuring all authentication sources and LAN resource connections
Verdict: Great NAC for certificate-based or authentication-based access
The eTIPS 5000 Series v3.0 from Avenda Systems is an all-in-one appliance that centrally manages identity-based and endpoint device authentication using NAC or network access points for wired, wireless and VPN networks. It is an out-of-band architecture that ships as a 1U or virtual machine appliance.
The solution installs with some simple base configurations required to get the device talking on the network. Once it is set up, the user interface is very easy to use and we saw no issues with quickly navigating to the required areas for configuration, management or reporting. Setting up access to LAN devices can be accomplished via SNMP, Radius or TACACS+.
Comprehensive support for guest, employee and temporary user rules is based on the ability to simultaneously query multiple attributes from separate identity stores. Standard Active Directory, LDAP, SQL database and token-based identity stores are supported.
Endpoint health checks can be performed by using Windows Network Access Protection agents, Avenda's universal agents for Windows and Linux clients, or its dissolvable agent. These can include operating system checks and patch levels, anti-virus, anti-spam and firewall status.
Avenda Systems agents can also perform registry key and services checks for unwanted applications such as scanners or peer-to-peer programs, and if detected the agent can remediate the issue. Dissolvable or web-based agents are available for Windows, Linux and Mac OS X clients and agentless checks/scans are supported.
ETIPS 5000 ships with a full set of capabilities and is licensed for the components you wish to deploy. Adding additional features and functionality is accomplished through a licence key. The appliances are capable of being clustered to support disaster recovery and scalability in enterprise deployments.
Advanced applications are available for guest access provisioning (GuestConnect), audit and compliance reporting (Insight), VPN health checks (Edge) and 802.1X endpoint configuration (Quick1X). Alerting is included with the Insight add-on and is not part of the base product.
Basic 90-day hardware and software service is included. Various fee-based options are available to extend that and include both 8/5 and 24/7 options.