NetAttest EPS

Home » IT Security » NetAttest EPS

Optimize and Streamline
Your Authentication Experience

Optimize and Streamline Your Authentication Experience

Simplify and Fortify Network Access Control with Digital Certificates

The NetAttest EPS is a port-based network access control solution that utilizes the IEEE 802.1X standard and functions as an authentication server with built-in digital certificate capabilities. The EPS protects wired, Wi-Fi, and VPN connections to networks of any size, in any location.

Key Features:

  • Prevent unauthorized network access and data breach
  • All-in-one solution – RADIUS, Public Key Infrastructure (PKI), Private Certificate Authority (CA), One-Time Password (OTP), Two-Factor Authentication (2FA)
  • Easily manage digital certificates for user and device authentication – even on unmanaged/private devices
  • Fast backup and redundancy
Simplify and Fortify Network Access Control with Digital Certificates

All-in-one RADIUS and CA Server

The EPS is all you need to protect the network with complete network access control.

RADIUS Server

How NetAttest EPS works

Click to enlarge image

RADIUS Functionality

  • Server for Authentication, Authorization and Accounting (AAA)
  • Supports a variety of RADIUS authentication protocols including ID/Password and Digital certificates (EAP-TLS)
  • Supports internal database, external database, or external authentication server for account information
  • MAC address authentication and One-Time Passwords options available
  • Closely follows IEEE 802.1X standard
  • Vendor neutral - no need for proprietary switches/WAPs/etc.

Private CA: Why Digital Certificates?

NetAttest comparison

Click to enlarge image

Private CA Functionality

  • Base for strong authentication via Public Key Infrastructure
  • No need to configure/purchase a separate CA or purchase certificates from a public CA
  • Supports functionality as a dedicated or subordinate CA
  • Supports integration with existing PKI

Simplified Digital Certificates

Soliton simplifies the distribution and management of digital certificates, which is otherwise considered difficult.
The EPS combined with EPS-ap and KeyManager secures the distribution/installation of certificates and
provides the same installation steps on all devices and operating systems.

Soliton Proprietary Digital Certificate Distribution Method

Enrollment mechanism that keeps all private keys in the remote access device

Soliton KeyManager NetAttest EPS AP

Click to enlarge image

EPS-ap

  • Acts as a proxy server to protect the internal CA (EPS) and handles SCEP requests during certificate deployment
  • Ensures only authorized devices are requesting certificates
  • Supports the Apple OTA protocol for certificates on Apple devices

KeyManager

  • User-friendly app for requesting/installing digital certificates for users/devices
  • Enroll complete in just 3 steps
  • Short-life certificate renewals for enhanced security
  • Supports Windows, macOS, iOS, Android
  • Private key never leaves the device
  • Removes the possibility of user error when installing certificates

Redundancy, Full Backups, and Fast Recovery

  • Configuration data is compiled in one file and can be backed up to an FTP server periodically
  • In the rare case that a failure occurs, the backup data can be used in an alternative device to restore normal operation in a very short time
  • Less than 20 seconds to complete a full backup
  • Less than 100 seconds for a full restore
  • Redundant installations automatically share configurations daily

NetAttest EPS (dedicated appliance) vs. General-purpose server

NetAttest EPS Graph

Click to enlarge image

NetAttest EPS Specifications

EPS-SX15-A & EPS-SX15-VEPS-ST05-A & EPS-ST05-VEPS-DX05-A & EPS-DX05-V
Max. number of user registration200200 / 500 / 2,000 / 5,000100,000
Max. number of RADIUS clients205001,000 / 4,000
Supporting authentication protocolEAP-TLS, EAP-MD5, EAP-PEAP (MS-CHAPv2, GTC, TLS), EAP-TTLS (PAP, CHAP, MS-CHAP, MS-CHAPv2, GTC, EAP-MSCHAPv2, EAP-TLS), Cisco-LEAP, EAP-FAST, PAP, CHAP, MS-CHAP, MS-CHAPv2
Redundancy
Radius ExtensionOne Time Password
MAC address authentication option
Group profile
Certificate Authority (CA)Client certificate publish
External server certificate publish
Max. number of certificates400/1,000/4,000/10,000200,000
Extended CA function
External DatabaseWindows Domain
External LDAP database
RADIUS proxy
Log manage-mentRADIUS accounting
RADIUS detail accounting
Log maintenance
OtherSNMP (agent), NTP synchronisation, Syslog (TCP/UDP), Support UPS

EPS-SX15-AEPS-ST05-AEPS-DX05-A
Form FactorDesktop (option rack mount kit)EIA19 inch (incl. rack mount kit)
Dimensions (W x D x H)165 x 43 x 106 mm438 x 44 x 292 mm443 x 44 x 386 mm
Network interface10/100/1000BASE-T(X) Auto-MDI-X x 4 ports
Weight0.65 kg4.2 kg7.3 kg
Power supply90 ~ 264VAC
47 ~ 63Hz (90 ~135Vac)
Max. power consumption22 VA28 VA120 VA
Calorific value75BTU/h
18.9kcal
22W		95.5BTU/h
24.1kcal
28W		409.2BTU/h
103.1kcal
120W
Operating environmentTemperature 0 ~ 40°C
Humidity 20 ~ 90% non-condensing
CertificationsVCCI (Class B)
FCC (Class B)
CE, UL, RoHS
PSE (power adapter)		VCCI (Class A)
FCC (Class A)
CE, UL, RoHS
PSE (power cable)

EPS-SX15-VEPS-ST05-VEPS-DX05-V
Supporting virtual platformVMware ESXi 7.0 / 6.7 / 6.5
VMware virtual machine version10
Virtual machine imageOVA
Number of CPU244
Memory size2,048 MB8,192 MB
HDD 12GB5GB96GB
Network adapter4
  • Supports redundancy with virtual and physical appliance.
  • Support back-up/restore between virtual and physical appliance
  • No support for displacement by using virtual platform function such as Vmotion and VMwareFT (use the NetAttest EPS redundancy function)

MODELOPTION LICENSEDESCRIPTION
OP1EPS-ST05User extended option (500)
  • Extend maximum number of user registration
OP2EPS-ST05Function extended option (2,000)
  • Extend maximum number of user registration
  • Enable Windows Domain authentication
  • Group Profile
OP3Function extended option (5,000)
OP4EPS-SX15Windows Domain option
  • Enable Windows Domain authentication
OP5EPS-DX05RADIUS Client extended option
  • Extend maximum number of RADIUS Client
OP6EPS-DX05MAC Address extended option
  • Enable MAC Address authentication with dedicated DB (maximum 200,000 addresses are registrable)
OP7EPS-ST05
OP8EPS-SX15
OP9EPS-DX05CA Extended option
  • Enable certificate distribution by Web enroll
  • Enable certificate distribution by SCEP enroll
  • Enable publishing Windows Smart Card logon certificate
  • Execute certification profile
OP10EPS-ST05CA Extended option (200)
OP11CA Extended option (500) * User extended option (500) is required to be purchased together
OP12CA Extended option (2,000) * Function extended option (2,000) is required to be purchased together
OP13CA Extended option (5,000) * Function extended option (5,000) is required to be purchased together
OP14EPS-DX05One-Time Password server option
  • Enable One-Time Password function
EPS-ST05
EPS-SX15