Safe Access® is a complete network access control (NAC) solution that stops unauthorized access, prevents malicious endpoint activity, and enforces your organization's security policies. An award-winning solution, Safe Access is the NAC solution of choice for organizations large and small. Safe Access protects some of the most sensitive networks in the world, including branches of the U.S. military. With Safe Access, you have the power to take control of your network.

Safe Access is a complete NAC solution. Delivering on the four vital areas of NAC - pre-connect testing, post-connect monitoring, identity-based management and remediation - Safe Access allows companies to be the decision maker for their network. They get to define, set and enforce the rules/criteria that users must adhere to if they want access to the network, ensuring that the right users have the right access, safely and easily. This ability also allows companies to enforce the proper compliance guidelines throughout their entire organization, making for easy reporting and auditing.

Safe Access provides the following benefits:

• Fast pre-connect testing
• More accurate endpoint testing with Deep Checks
• Flexible endpoint testing, enforcement, and remediation
• Continuous post-connect monitoring
• Windows OS and Mac OS X coverage
• Identity-based management controls

Take our 5-minute product tour

Launch tour »

Safe Access offers a wide range of features that address all areas of network security including:

Endpoint enforcement and testing — Safe Access provides enforcement options for quarantining endpoints (802.1x, DHCP, Endpoint-based, and Inline enforcement) that enable it to enforce policy compliance across complex, heterogeneous networks. This allows organizations to secure their network from all endpoints, regardless of the network topology, configuration, hardware, versioning, etc.

Additionally, Safe Access offers three endpoint testing options: agentless (Windows only), web-based (Windows only) and agent-based testing (Windows and Macintosh). These options allow a full range of devices to be tested thoroughly before being allowed into the network.

Purpose-built for NAC — Safe Access' proprietary testing and enforcement engine provides deep, fast endpoint testing for both Windows and Macintosh. With testing taking only seconds, end-users are unaware of any delays in the login process unless they are quarantined because of failure to meet policy. Safe Access' numerous enforcement options allow you to mix and match for deployment throughout your network.

Pre-connect endpoint testing — Safe Access applies hundreds of health checks, or tests that fully assess endpoint security posture and can be configured to retest periodically to check that your network's health keeps you compliant. In addition, all tests are updated automatically and added on an on-going basis by the StillSecure® Security Alert Team™ (SAT). Organizational-specific tests may be created as well.

Post-connect monitoring — Safe Access' open architecture allows for integration with StillSecure's own post-connect monitoring system and with third-party solutions. This architecture employs a continually expanding database of nearly 4,000 attack rules to detect harmful traffic plus powerful anomaly and protocol based detection. Safe Access also integrates with StillSecure's Strata Guard® IDS/IPS solution to create continuous post-connect protection. Through Safe Access' APIs, third-party systems can also alert and quarantine devices based on malicious behavior.

Management and administration — Regardless of the size or complexity of the network, Safe Access centrally consolidates the management of all testing and enforcement activities. Safe Access provides a single-pane-of-glass view into endpoint security with easy access to many functions usually reserved for backend configuration.

High availability and load balancing — Safe Access has true high-availability and failover capabilities as well as a multi-server deployment. Should an Enforcement Server fail, other servers within a cluster automatically provide coverage for the affected network segment. Likewise, a spike in testing activity directed at a single Enforcement Server is load balanced across the cluster.

Multi-user, role-based access — Administrative access to the system is strictly controlled through user roles and cluster assignments. Safe Access ships with four default user roles (system or cluster administrator and help desk or view-only user) and allows administrators to create additional roles using Safe Access' fine-grained permissions.

Integrated in the IT environment — Safe Access includes StillSecure's Enterprise Integration Framework™ (EIF), an open architecture that allows for the import/export of data to/from Safe Access. Integration allows third-party systems to control testing and quarantining functions, enables Safe Access to share endpoint security data with other IT systems and supports a variety of network infrastructure manufacturers and devices.

Minimal impact on end-users; clear instructions for achieving compliance — Administrators have complete control over the depth and frequency with which end-users are informed of testing activities and results. Communication can be configured to be as visible or as invisible as necessary.

Automated and manual endpoint repair — Safe Access closes the loop within NAC by facilitating a variety of remediation options for endpoints that test non-compliant with your security policy including automated or self remediation and access grace period.

Reporting for management and auditors — Safe Access' robust reporting capabilities allow companies to meet the needs of auditors, managers and IT staff. Reports provide concise security status information on device compliance and access activity.

Availability — Safe Access is available as software or as a preconfigured hardware appliance. It is also offered as Safe Access Lite, a free version of the industry's #1, award-winning NAC solution. Safe Access Lite is a non-disruptive, easy-to-install, monitor-only NAC product that tests up to 250 devices/computers/endpoints.

Appliance configurations are as follows:

SA 100 Enforcement Server (ES) - supports a maximum of 500 users Management Server (MS) - supports a maximum of 2,500 users and 5 ESs Combo ES and MS - supports a maximum of 500 users SA 200 ES - supports a maximum of 1,500 users MS - supports a maximum of 22,000 users and 15 ESs Combo ES and MS - supports a maximum of 1,500 users SA 300 ES - supports a maximum of 3,000 users MS - supports a maximum of 300,000 users and 100 ESs Combo ES and MS - supports a maximum of 3,000 users

Demonstration boxes are available on request. Contact 303-381-3830, sales@stillsecure.com.