NetAttest EPS

Home » IT Security » NetAttest EPS

Optimize and Streamline
Your Authentication Experience

Optimize and Streamline Your Authentication Experience

Simplify and Fortify Network Access Control with Digital Certificates

The NetAttest EPS is a port-based network access control solution that utilizes the IEEE 802.1X standard and functions as an authentication server with built-in digital certificate capabilities. The EPS protects wired, Wi-Fi, and VPN connections to networks of any size, in any location.

Key Features:

  • Prevent unauthorized network access and data breach
  • All-in-one solution – RADIUS, Public Key Infrastructure (PKI), Private Certificate Authority (CA), One-Time Password (OTP), Two-Factor Authentication (2FA)
  • Easily manage digital certificates for user and device authentication – even on unmanaged/private devices
  • Fast backup and redundancy
Simplify and Fortify Network Access Control with Digital Certificates

All-in-one RADIUS and CA Server

The EPS is all you need to protect the network with complete network access control.

RADIUS Server

How NetAttest EPS works

Click to enlarge image

RADIUS Functionality

  • Server for Authentication, Authorization and Accounting (AAA)
  • Supports a variety of RADIUS authentication protocols including ID/Password and Digital certificates (EAP-TLS)
  • Supports internal database, external database, or external authentication server for account information
  • MAC address authentication and One-Time Passwords options available
  • Closely follows IEEE 802.1X standard
  • Vendor neutral - no need for proprietary switches/WAPs/etc.

Private CA: Why Digital Certificates?

NetAttest comparison

Click to enlarge image

Private CA Functionality

  • Base for strong authentication via Public Key Infrastructure
  • No need to configure/purchase a separate CA or purchase certificates from a public CA
  • Supports functionality as a dedicated or subordinate CA
  • Supports integration with existing PKI

Simplified Digital Certificates

Soliton simplifies the distribution and management of digital certificates, which is otherwise considered difficult.
The EPS combined with EPS-ap and KeyManager secures the distribution/installation of certificates and
provides the same installation steps on all devices and operating systems.

Soliton Proprietary Digital Certificate Distribution Method

Enrollment mechanism that keeps all private keys in the remote access device

Soliton KeyManager NetAttest EPS AP

Click to enlarge image

EPS-ap

  • Acts as a proxy server to protect the internal CA (EPS) and handles SCEP requests during certificate deployment
  • Ensures only authorized devices are requesting certificates
  • Supports the Apple OTA protocol for certificates on Apple devices

KeyManager

  • User-friendly app for requesting/installing digital certificates for users/devices
  • Enroll complete in just 3 steps
  • Short-life certificate renewals for enhanced security
  • Supports Windows, macOS, iOS, Android
  • Private key never leaves the device
  • Removes the possibility of user error when installing certificates

Redundancy, Full Backups, and Fast Recovery

  • Configuration data is compiled in one file and can be backed up to an FTP server periodically
  • In the rare case that a failure occurs, the backup data can be used in an alternative device to restore normal operation in a very short time
  • Less than 20 seconds to complete a full backup
  • Less than 100 seconds for a full restore
  • Redundant installations automatically share configurations daily

NetAttest EPS (dedicated appliance) vs. General-purpose server

NetAttest EPS Graph

Click to enlarge image

NetAttest EPS Specifications

EPS-SX15-A & EPS-SX15-V EPS-ST05-A & EPS-ST05-V EPS-DX05-A & EPS-DX05-V
Max. number of user registration 200 200 / 500 / 2,000 / 5,000 100,000
Max. number of RADIUS clients 20 500 1,000 / 4,000
Supporting authentication protocol EAP-TLS, EAP-MD5, EAP-PEAP (MS-CHAPv2, GTC, TLS), EAP-TTLS (PAP, CHAP, MS-CHAP, MS-CHAPv2, GTC, EAP-MSCHAPv2, EAP-TLS), Cisco-LEAP, EAP-FAST, PAP, CHAP, MS-CHAP, MS-CHAPv2
Redundancy
Radius Extension One Time Password
MAC address authentication option
Group profile
Certificate Authority (CA) Client certificate publish
External server certificate publish
Max. number of certificates 400/1,000/4,000/10,000 200,000
Extended CA function
External Database Windows Domain
External LDAP database
RADIUS proxy
Log manage-ment RADIUS accounting
RADIUS detail accounting
Log maintenance
Other SNMP (agent), NTP synchronisation, Syslog (TCP/UDP), Support UPS

EPS-SX15-A EPS-ST05-A EPS-DX05-A
Form Factor Desktop (option rack mount kit) EIA19 inch (incl. rack mount kit)
Dimensions (W x D x H) 165 x 43 x 106 mm 438 x 44 x 292 mm 443 x 44 x 386 mm
Network interface 10/100/1000BASE-T(X) Auto-MDI-X x 4 ports
Weight 0.65 kg 4.2 kg 7.3 kg
Power supply 90 ~ 264VAC
47 ~ 63Hz (90 ~135Vac)
Max. power consumption 22 VA 28 VA 120 VA
Calorific value 75BTU/h
18.9kcal
22W		 95.5BTU/h
24.1kcal
28W		 409.2BTU/h
103.1kcal
120W
Operating environment Temperature 0 ~ 40°C
Humidity 20 ~ 90% non-condensing
Certifications VCCI (Class B)
FCC (Class B)
CE, UL, RoHS
PSE (power adapter)		 VCCI (Class A)
FCC (Class A)
CE, UL, RoHS
PSE (power cable)

EPS-SX15-V EPS-ST05-V EPS-DX05-V
Supporting virtual platform VMware ESXi 7.0 / 6.7 / 6.5
VMware virtual machine version 10
Virtual machine image OVA
Number of CPU 2 4 4
Memory size 2,048 MB 8,192 MB
HDD 1 2GB 5GB 96GB
Network adapter 4
  • Supports redundancy with virtual and physical appliance.
  • Support back-up/restore between virtual and physical appliance
  • No support for displacement by using virtual platform function such as Vmotion and VMwareFT (use the NetAttest EPS redundancy function)

MODEL OPTION LICENSE DESCRIPTION
OP1 EPS-ST05 User extended option (500)
  • Extend maximum number of user registration
OP2 EPS-ST05 Function extended option (2,000)
  • Extend maximum number of user registration
  • Enable Windows Domain authentication
  • Group Profile
OP3 Function extended option (5,000)
OP4 EPS-SX15 Windows Domain option
  • Enable Windows Domain authentication
OP5 EPS-DX05 RADIUS Client extended option
  • Extend maximum number of RADIUS Client
OP6 EPS-DX05 MAC Address extended option
  • Enable MAC Address authentication with dedicated DB (maximum 200,000 addresses are registrable)
OP7 EPS-ST05
OP8 EPS-SX15
OP9 EPS-DX05 CA Extended option
  • Enable certificate distribution by Web enroll
  • Enable certificate distribution by SCEP enroll
  • Enable publishing Windows Smart Card logon certificate
  • Execute certification profile
OP10 EPS-ST05 CA Extended option (200)
OP11 CA Extended option (500) * User extended option (500) is required to be purchased together
OP12 CA Extended option (2,000) * Function extended option (2,000) is required to be purchased together
OP13 CA Extended option (5,000) * Function extended option (5,000) is required to be purchased together
OP14 EPS-DX05 One-Time Password server option
  • Enable One-Time Password function
EPS-ST05
EPS-SX15