• Dynamic VLAN allocation
    The VLAN concerned is allocated automatically to the Switch Port on the basis of the connected device. This always ensures that the relevant device is located in the predefined VLAN, irrespective of the switch or port on which it is actually connected in the company. Unknown devices are rejected or can be assigned to a dedicated guest VLAN.

  • Voice VLAN support
    Due to the special support of VoIP telephones with an integrated switch, the connected devices can be allocated to their defined VLAN (for example: The VoIP telephone is in the Voice VLAN but the PC connected to the VoIP telephone is connected into the Office VLAN).

  • Extended WLAN support
    A dedicated WLAN key can be assigned to each WLAN device. This means that there is no need to generate a master WLAN key for the entire WLAN access point, so WLAN security is increased if, for example, this key becomes known to third-party companies. Targeted WLAN devices can therefore also be de-activated individually.

  • Support of all LAN devices
    Since PNAC directly sets the ports of the switches with the relevant VLAN association, no dedicated agent is needed on the devices. As a result, all network components (printers, time recording systems, mobile devices, etc.) are supported.

  • Support of unmanaged Desktop Switches
    Switches that do not support IEEE 802.1X can also be implemented. The (IEEE 802.1X-enabled) CoreSwitch is configured as a backbone discriminator.

  • Quarantine LAN support
    With the additionally available XEOX WuInstall module, devices that were not visible in the LAN for a specific, freely selectable time can be automatically allocated and patched into a quarantine VLAN before they are returned to their allocated VLAN.

  • Network documentation and evaluation
    Automatic network documentation enables a fast search of devices and provides information on their use. This gives a permanent overview of the switches or ports on which the various devices are located.

  • Top network traffic
    Devices can be evaluated on the basis of their LAN traffic, as a result of which LAN overloads can be actively remedied.

  • Authentication variants
    MAC address, client-certificated and client password-based authentications are supported on each switch. This allows different switch areas to be assigned to security levels of differing strengths (for example: production is MAC-based, whereas the office is client-certificated-based).

  • Mail notification (security alarm)
    If unknown devices are connected, an alarm is triggered, for example based on e-mail notification.

  • Vendor independence
    The PNAC server supports all IEEE 802.1X-enabled switches, thereby creating a heterogeneous switch hardware landscape.

  • Heterogeneous server landscape
    PNAC is integrated heterogeneously into the Windows system landscape as a LINUX appliance or VM image. In the event of a virus attack in the Windows environment, this prevents any simultaneous attack by this virus on the PNAC system.

  • Uniform configuration
    All switches can be uniformly configured, thereby drastically reducing the recovery time in the event of a hardware failure and substantially simplifying switch management.

  • Simple migration
    The open import interface and integrated LAN device scanner enable a very simple import of existing LAN devices into the integrated CMDB.

  • Easy to install
    PNAC is available as a stand-alone device or as an unattended SW setup (VM image) and supports all V-Host solutions.

  • No network expertise required
    All functions are configured via an intuitive Web interface which requires no special knowledge of networks or switches.

  • Easy to work with
    The ease and simplicity of operation allow IT staff to focus on security-related areas.

  • Global usability
    PNAC can also be used in countries where LAN encryption (IP-Sec) is not wanted (for example China, United Arab Emirates, etc.), since PNAC automatically de-activates the Switch Port if it encounters unknown devices.

  • Multiple site support
    Companies with multiple branch offices have the option of assigning devices to different VLANs depending on the site.

  • Redundancy
    Several PNAC servers can be operated in cluster mode to guarantee the resilience of the PNAC service in the company.