ARP-GUARD
ARP-GUARD - more than network access control

Virtually all internal company information can be accessed over your local network. Highly sensitive data vital to your company! Formulas, design plans, contracts, patents. 
ARP-GUARD makes sure that users don't use any unauthorised notebooks, smartphones or even wireless access points. Our software solution protects your IT infrastructure from malware-infected external devices and your intellectual property from unauthorised access! Our security solution provides reliable protection against unauthorised access to the internal LAN and WLAN, as well as the Internet. With ARP-GUARD, only authorized devices are granted access to your network!
Protection of your network takes place in real time, as does network monitoring, localization, and the identification and verification of newly connected devices.
Unambiguous identification of a device is a must. The MAC address or certificates (802.1X) are available here. The ISL proprietary fingerprint process also offers an identity check of the devices at the highest security level. 
You can combine these security mechanisms to define your own level of security. 
The unique and individually scalable sensor management architecture makes it possible to secure your company across sites no matter if you are a medium-sized company or a large corporation. 
ARP-GUARD functions independently of any vendor. You don't have to standardise or even replace your existing infrastructure.
ARP-GUARD sees itself as a watchdog and observer of your network that enforces your centrally defined rules, i.e. your security policy, throughout the company. 
This functionality gives you a comprehensive overview of the entire network that reaches all the way down to the individual device.
ARP-GUARD automatically generates a current inventory list, diagrams or reports for the network.

datasheet flyer_AG

ARP-GUARD gives you complete access control for your network! New devices that are connected to the network are detected and reported in real-time. The devices are uniquely identified using the MAC address or certificates (802.1X). Additional fingerprints that are created when training the devices increase the security level. ARP-GUARD thus makes protected and controlled access to the network possible. You decide how to deal with unauthorised devices with user-defined or company-specific rules found in access and security guidelines. These guidelines can range from notifying the administrator by email to automatic defence against unauthorised devices or relocating to special quarantine or guest VLANs. 

The central network management system provides a comprehensive overview of all devices in your network. It detects every change in addresses or allocations and logs and displays these changes. Inventory lists of all of the devices located in the network are generated upon request and are always up-to-date. ARP-GUARD also supplies you with a history of the topography. With the help of this history you can identify when a specific device was in the network the last time and where was it connected, or which IP address was connected to what device at a specific time? 

The reporting function of the ARP-GUARD also lets you show the logged incidents in a diagram. You can select between standardised and user-specific reports here. This lets you create analyses that help you to get an overview of events in your network - for example the number of unknown devices that want to access your network or the frequency of incidences on certain ports or switches.

To ensure that you don't lose your overview in large, complex networks, ARP-GUARD offers you a topology diagram. The network infrastructure is automatically detected by ARP-GUARD and shown in its form. The form and size of the topologies can be edited and modified any way you want.

There are numerous network connections and access points in the company that are either freely or easily accessible. Simple access to your company data - not just for employees! Security problems at the network infrastructure level can put the availability of the entire network at risk or allow an attacker to read or even manipulate the traffic of complete network segments. ARP-GUARD detects and locates internal attacks such as ARP poisoning, MAC flooding, IP spoofing, "man-in-the-middle" attacks, etc. and defends itself independently. 

Thanks to this protection, data can no longer be spied on, deleted or manipulated unnoticed. Secret product developments and internal company passwords are secure against unauthorised access. IP spoofing attacks are prevented to keep specific rights in the network from being obtained fraudulently.

By identifying address conflicts, ARP-GUARD makes a valuable contribution to quality assurance. It offers preventative protection against attacks that is easy to put into practice.

Network Access Control

  • RADIUS / 802.1X /EAP with and without certificate
  • MAC authentication
  • Central port security system
  • Ticket system for guests with self-registration

VLAN management

  • Segregation of production areas
  • Dynamic and static allocation
  • Guest and quarantine area
  • User-defined rules

Layer 2 IPS

Protection from the dangers posed by:

  • Man-in-the-middle attacks
  • ARP poisoning
  • MAC flooding
  • MAC spoofing
  • IP spoofing

Network Manager

  • Current inventory lists of all end devices (IP, MAC, port)
  • Topology diagram
  • Changes to addresses or allocations logged
  • User-defined reporting
  • DHCP server queries

Endpoint Security

  • Monitoring of the individual end devices for operating system and AV update status
  • Quarantine management
  • No client software on the end devices!