Secure IP Address Management Layer 2 Network Access Control Solution

Viascope provides remarkable IP resource management solution called IPScan. It is the industry's leading solution for centrally managing and enforcing control over fundamental network access and IP address allocation. Distributed IPScan probes monitor every VLAN, and detect all Ethernet and IP devices connecting to the network. The centralized IPScan server including an integrated RDBMS provides centralized policy administration, monitoring, alerting and real-time control over all device access to the enterprise-wide backbone network.
IPScan offers perfect IP address management for static IP address environment and DHCP environment. By enabling state-of-the-art DHCP Server feature in IPScanProbe, it provide very highly secure and flexible DHCP environment. Based on configured policies, IPScan can automatically prevent any device that has an unauthorized or conflicting Ethernet or IP address from connecting to the network. By denying these devices, IPScan prevents potential attacks from outsiders that have gained connectivity to switch or WiFi access point, and helps eliminate address conflicts that can potentially bring down critical network infrastructure components or mission-critical servers. IPScan also collects and stores an ongoing, auditable history of all devices on the network, providing a highly valuable set of always-updated network documentation.

Benefits
1page
IPScan
Secure IP Address management & Layer 2 Network Access Control Solution

IPScan offers IT managers a tremendous return on investment, by greatly increasing mitigation of security and network addressconflict based downtime risks.

IPScan automate IP address management tasks, which are currently manually managed and very time-consuming, delivering cost-savings in operational efficiency.

Empower IT managers to successively deploy and control company's network policies to the internal users. IT managers can now block and control unauthorized/unknown user and/or any user who don't follow company policy from accessing the network to prevent problems that can impact the network performance.

Automatic detection of IP related events such as IP conflicts and unknown devices, enabling IT managers to take prompt reactions to minimize the impact. Centrally manage the entire network distributed across regions from a single location. The deployment is completely transparent to the existing network requiring neither network reconfiguration nor upgrade. Users no need to login using ID & password. Its transparent architecture will not affect the network performance in any ways.

ViaScope Int.
Tel. 822-3412-9700 www.viascope.com Email-viascope@viascope.com

Secure IP Address Management

Automatic IP/MAC resource monitoring Automatic detection, display and update on IP, MAC, host name, workgroup name, detected time and etc. IP address reservation By pre-defining IP Block for the unassigned IP address, any free IP address will be in control of IT manager for the future assignment. IP-MAC binding By binding IP and MAC address, User cannot change their IP address without IT manager's permission. Real-time IP/MAC inventory List complete IP device Inventory in real-time for the entire network.

Network Access Control

Layer 2 level blocking Without touching devices on the physical level or disabling switch ports, IPScan provide strict Layer 2 level blocking commands. Network based IP/MAC blocking Enable IT managers to block any IP and/or MAC that should stay out of the network without installing any agent program on PC clients. No need to change any of the existing network infrastructure or configuration. MAC authentication Detect and save MAC address automatically. Unregistered MAC address is blocked instantly or temporarily depends on policy. MAC authentication process is simple and hassle-free. Visitor access time control Offer IP/MAC based time control to pre-define the network access periods for the visitors. Host name control Register host names and block anyone violating the defined rule. Expired IP/MAC control Proactively manage IP/MAC users no longer active in the network for a defined number of days. Wireless access point security Regardless of the network environment (wired and/or wireless), all IP/MAC device access will be control by IT managers

IP/MAC description column & quick search By providing additional IP/MAC description column, IP manager can find out IP/MAC device immediately.

Features

Event detection and log Detect and save IP/MAC related events such as (IP change, IP conflict, New MAC and etc.) in real-time and save the logs in MySQL, MS-SQL or Oracle database. IP grouping Create groups and categorize IP users into their physical and logical groups for comprehensive management.

IP Conflicts Management
Mission critical server protection from IP conflict Protect IP addresses of important devices in the network from IP conflicts by binding IP and MAC. Ideal for static IP address device Automatic IP conflict detection and prevention by registering MAC address for each static IP address.

2page
IPScan
Secure IP Address management & Layer 2 Network Access Control Solution

ViaScope Int.
Tel. 822-3412-9700 www.viascope.com Email-viascope@viascope.com

Secure DHCP Server

Next generation DHCP server IPScan Probe include enhanced DHCP Server features with heightened security. Dual DHCP pools Provide 2 types of DHCP pool: one for authorized DHCP clients and another for unauthorized DHCP clients Authorized pool DHCP pool for registered MAC address. IP addresses in the authorized pool will grant permanent network access to registered MAC addresses. Unauthorized pool DHCP pool for unregistered MAC address. Unauthorized MAC will get a temporary IP address first for a limited time, but the access will be terminated if not authorized by IT manager. Unauthorized MAC device blocking Apply MAC blocking immediately for unauthorized MAC addresses or allow to use the network temporarily. Static IP address control in DHCP pool automatic detection and prevention of DHCP client to use static IP address in DHCP pool. Other DHCP server detection Automatic detection of other DHCP server existing in the same network. Other DHCP server can be disconnection from the network using IP/MAC blocking feature.

Advanced Pack V2.0 Integrated Add-On Features for IPScan

Advanced Pack V2.0 is an integrated add-on package offers you to cost-effectively extend management capabilities and streamlines diverse management tasks with its high performed functions. To manage your network, it is needed to deploy management solutions for each task. However, it requires high cost investment, and it will lay a burden on the network manager Advanced Pack is the collection of the user's best required functions over the network management will be the best answer to lift your burden from managing various management solutions and save your network budget.

Switch Port Management

Control your Switch Port & Secure your Gateway Switch Port Management function allows IT manager to control each Switch port automatically and manually in realtime without heavy SNMP solutions. Also it offers you to secure the Gateway from the IP duplication by blocking Switch Port of the violation IP user. It is not only blocking the violation user's IP address, but blocking the Switch Port of that user to completely block even broadcasting packets and any repeated violation from the network.

Features

Service Port Management

Service Port Management Manage Your Network Vulnerability Service Port Management feature provides IT manager to probe the network service port of IP users, and block the violation users who do not use the required or compulsory network service applications in order to prevent any trouble caused by the IP users.

3page
IPScan
Secure IP Address management & Layer 2 Network Access Control Solution

*** Advanced Pack is compatible with IPScan Server V3.5 or higher version.

ViaScope Int.
Tel. 822-3412-9700 www.viascope.com Email-viascope@viascope.com

Network Configuration with Existing DHCP Server

IPScan product family is composed of software package and hardware probes. IPScan software package contains IPScan Server and Console software, and the probes are IPScan agent embedded dedicated hardware. IPScan Server is a communication module that corresponds with IPScan Console, DB server and probes. IPScan Console is the actual user interface for IT managers to view current status and execute policies. Depending on your network configuration, different models of IPScan Probe are available for the deployment.

Configuration

Network Configuration with IPScan DHCP Server

IPScan's DHCP Server Provides Heightened Network Security.
IPScan Probe 50, 100A and 600 models are equipped with DHCP server functions. Configuring DHCP Server can be easily done from IPScan Console, the user interface, which connects to IPScan Server. When an IP device is detected, IPScan Probe checks with IPScan Server on the defined policies. If the device meets a company's network access policies, DHCP Server embedded in IPScan Probe will allocate an IP address from an authorized IP range pool. However, if it is unknown and/or unauthorized to connect to the network, DHCP Server will not allocate an IP address. Depending on each company's needs, IT managers can configure the DHCP Server to grant the network access temporarily.

4page
IPScan
Secure IP Address management & Layer 2 Network Access Control Solution

ViaScope Int.
Tel. 822-3412-9700 www.viascope.com Email-viascope@viascope.com

IPScan Server
Installed in main center, it communicates with Probes to receive and store collected data and forwards IP policies defined by IT manager. It supports MS-SQL 2000 Server and MySQL Server

H/W Specifications for IPScan Server (minimum requirements)

Less than 2,000 users OS IPScan Server integration CPU RAM HDD N/A IPScan DB Server and IPScan Server are installed in the same H/W platform N/A N/A N/A 2,000 ~ 5,000 users N/A IPScan DB Server and IPScan Server are installed in the same H/W platform N/A N/A N/A 5,000 ~ 10,000 users Win2000 Server Win2003 Server Dedicated H/W platform for IPScan Server is required Pentium4 3GHz 2G 120G More than 10,000 users Win2000 Server Win2003 Server Dedicated H/W platform for IPScan Server is required Inquire Inquire Inquire

System Requirements

IPScan Console
Installed in IT managers PC, it enables the connection to IPScan Server to view, monitor and define IP policies.

H/W Specifications for IPScan Console (minimum requirements)

OS DB Connection CPU RAM HDD NIC Win2000 Professional / Win2000 Server / Win2003 Server / Windows XP ODBC Pentium4 2GHz or higher 512MB 1G available (100M spaces for installation) 100 Mbps Ethernet

DB Server for IPScan

Collected Data and policies are stored in the RDBMS MS-SQL 2000 Server and MySQL Server are compatible. DB Server and IPScan Server can be installed in a same hardware platform if the number of active IP is less than 5,000. For more than 5,000 active IP network, separate hardware platform is required for each.

H/W Specifications for DB Server (minimum requirements)

Less than 2,000 users OS Win2000 Professional Win2000 Server Win2003 Server DB Server and IPScan Server are installed in the same H/W platform MySQL4.1.11 MS SQL2000 Pentium4 3GHz 2G 120G 100Mbps Ethernet Less than 50 Probe100 or 5 Probe600 2,000 ~ 5,000 users Win2000 Server Win2003 Server DB Server and IPScan Server are installed in the same H/W platform MS SQL2000 2 Xeon CPU 3GHz 2G 160G(SCSI) 100Mbps Ethernet Less than 100 Probe100A or 10 Probe600 5,000 ~ 10,000 users Win2000 Server Win2003 Server Dedicated H/W platform for DB Server is required MS SQL2000 2 Xeon CPU 3GHz 3G 160G(SCSI) 100Mbps Ethernet Less than 500 Probe100A or 20 Probe600 More than 10,000 users Win2000 Server Win2003 Server Dedicated H/W platform for DB Server is required Inquire Inquire Inquire Inquire Inquire Inquire

IPScan Server Integration DB Type CPU RAM HDD NIC Max number of Probe

5page
IPScan
Secure IP Address management & Layer 2 Network Access Control Solution

ViaScope Int.
Tel. 822-3412-9700 www.viascope.com Email-viascope@viascope.com

IPScan Probe 50
Software technology embedded hardware Probe that is dedicated to monitor a remote area or a segment. Plug-and-play installation. It supports 802.1q to manage multiple VLANs from a single device. It supports up to 50 active IP devices and DHCP Server feature.

IPScan Probe 100

Software technology embedded hardware Probe that is dedicated to monitor a remote area or a segment. Plug-and-play installation. It supports 802.1q to manage multiple VLANs from a single device. It supports up to 250 active IP devices. No DHCP Server feature support

IPScan Probe Specifications

CPU Memory Flash Memory Interface Size Weight Environment Input Voltage Power Firmware OS Trunk Protocol Capacity DHCP Server

AMD AUL1550 MIPS Core (333 MHz) 64Mbyte DDR RAM 4Mbyte NOR Flash, 16Mbyte NAND Flash Ethernet 10/100Mbps,(RJ-45 )1 port. RS-232 console 1 port. 118mm(W)x30mm(H)x118mm(D) 440g Temperature 0~40C , Humidity 0~90% AC 100V~240V, 50~60Hz DC 5V/3A, 15W (DC Adaptor) Linux Kernel 2.4.20 IEEE 802.1q support Up to 50 active IP addresses Yes

CPU Memory Flash Memory EEPROM Interface Size Weight Environment Input Voltage Power Firmware OS Trunk Protocol Capacity DHCP Server

50MHz RISC KS32C50100 32Mbyte SDRAM 0.5Mbyte 128 Kbyte Ethernet 10/100Mbps,(RJ-45 )1 port. RS-232 console 1 port. 170mm(W)x44mm(H)x210.5mm(D) 1.2Kg Temperature 0~40C , Humidity 0~90% AC 90V~240V, 50~60Hz DC 5V/3A, 15W MicroC/OS-II IEEE 802.1q support Up to 250 active IP addresses No

IPScan Probe 100A

Software technology embedded hardware Probe that is designed to control up to 500 active users. It supports 802.1q to manage multiple VLANs from a single device. It supports up to 500 active IP devices and DHCP Server features.

IPScan Probe 600

Software technology embedded hardware that is design ed to monitor large number of users. It supports 802.1q to manage multiple VLANs from a single device. It supports up to 2,500 active IP devices and DHCP Server features.

CPU System Memory Flash Memory Interface Size Weight Environment Input Voltage Power Firmware OS Trunk Protocol Capacity DHCP Server

6page
IPScan
Secure IP Address management & Layer 2 Network Access Control Solution

AMD AUL1550 MIPS Core (333 MHz) 64M DDR RAM 4M NOR Flash, 16M NAND Flash Ethernet 10/100Mbps,(RJ-45 )1 port. RS-232 console 1 port. 200mm(W) X 44mm(H) X 196mm(D) 1.3Kg Temperature 0~40C , Humidity 0~90% AC 90V~240V, 50~60Hz DC 5V/3A, 15W Linux Kernel 2.4.20 IEEE 802.1q support Up to 500 active IP addresses Yes

CPU DRAM HDD Interface Size Weight Environment Input Voltage Power Firmware OS Trunk Protocol Capacity DHCP Server

Intel Celeron(Coppermine) 733MHz 128MB SDRAM 40GB Ethernet 10/100Mbps,(RJ-45) 6 ports RS-232 console 1 port 435mm(W)x45mm(H)x285mm(D) 4.8Kg Temperature 0~40C , Humidity 0~90% AC 90V~250V, 50~60Hz 220W Linux Kernel 2.4.20 IEEE 802.1q support Up to 2,500 active IP addresses Yes

ViaScope Int.
Tel. 822-3412-9700 www.viascope.com Email-viascope@viascope.com