Skip to Content

EMBASSY® Endpoint EnforcerExtending the Integrity
of Network Access Control

Network Access Control (NAC) is a method of bolstering the security of a proprietary network by either restricting network resources to endpoint devices or updating endpoint devices according to a defined security policy.


Click to View

EMBASSY Endpoint Enforcer (EEE) works in concert with a NAC system to verify the health of the PC and whether the NAC components can be trusted prior to passing control to the system for further investigation. EMBASSY Endpoint Enforcer uses the security of dedicated hardware, the Trusted Platform Module (TPM), to ensure that the platform health measurements can be trusted.

Intelligent, Secure Measurement of PC/Endpoint Health and Integrity

Store

  • Client health metrics reside in TPM

Protect

  • Shields NAC software from attacks
  • Signs client health metrics

Validate

  • Validates NAC component measurements
  • Generates activity logs for compliance reporting

Machine Authentication + Protected Integrity Metrics = Trusted NAC


Click to View

Key Features of the
EMBASSY Endpoint Enforcer:

System Integrity

  • Measures endpoint security system components to ensure the integrity of the system.
  • Measures any component on the endpoint per the corporate security policy.
  • Provides secured measurements to EEE Server for validation.
  • Enables 3rd-party applications and services to make informed access decisions.

Hardware Security

  • Uses Trusted Platform Module (TPM) security chip as the root of trust for reporting (RTR).
  • Securely stores platform health integrity measurements.

Partner Support

  • Fully compliant with Trusted Network Connect (TNC) APIs specified by the Trusted Computing Group (TCG) which is an interoperable, open standard.
  • Verified to be interoperable with major providers of TNC products.
  • Includes a Software Developer's Kit (SDK) for adapting a 3rd-party's NAC system to EEE.
  • Easily adaptable to non-TNC Network Access Control systems.

Key Benefits:

EEE Extends NAC Security:

  • Strong platform identity for machine authentication.
  • Greater protection against software attacks that create "lying endpoints."
  • Better compliance verification through leveraging TPM "root of trust" to protect against unauthorized client security changes.

Network Access Control System Providers:
Integrating hardware-based security with the EMBASSY Endpoint Enforcer into your endpoint security system gives the added assurance that the system can be trusted.

Trusted Network Connect Providers:
Distributing the EMBASSY Endpoint Enforcer with your TNC solution provides security against spoofing for deployment with the extensive network of Trusted Platforms. For IMC/IMV component providers, the EEE SDK can be used to ensure that the metrics you collect are trustworthy and have not been tampered with.

Businesses:
If you are interested in deploying a NAC system, Wave can help you investigate its underlying security and how to help prevent attacks against the system.

 

EMBASSY Endpoint Enforcer is the Foundation of Trust for Network Security


Click to View

 

To purchase, or for more information, please email us at sales@wavesys.com or call us at (877) 228-WAVE.