Endpoint Segmentation Service

Hard- & Software.

narrowin Hardware

Implementation via narrowin nodes

The narrowin nodes are available as hardware in different variants. They offer a high level of security due to true Layer 3 separation and mechanisms such as least privilege, no externally accessible services and a simple upgrade mechanism. The nodes are delivered with a customer-specific config, which enables fast and easy deployment. In addtion to statically configured access controll lists, we provide a possibility to query external dynamic access lists. Non-standard use cases can be covered by custom firmware.

Implementation on existing switches

For the implementation on existing infrastructure, MAC addresses are linked to corresponding Access List Profiles on the Controller. When the MAC address appears on the switch (device is connected), it is authenticated by MAC Authentication (part of 802.1X) via Radius and then provided with the predefined downloadable Access List (DACL). This solution can be implemented on the switches of many popular vendors (e.g. Cisco, Aruba or Cumulus). This type of micro-segmentation thus scales to a large number of endpoints and integrates into the existing system landscape.

• Operating System Linux OpenWRT (Project Website)
• Connection Wireless or Ethernet
• Ethernet 2 x RJ45 100Mbps
• Wireless throughput 300Mbps
• Wireless protocol 802.11 b/g/n
• Wireless frequency 2.4GHz
• Power supply Micro USB (5V/1A)
• Dimensions approx. 58 x 58 x 25mm

• Operating System Linux OpenWRT (Project Website)
• Connection Ethernet
• Ethernet 2 x RJ45 1000Mbps
• Power supply USB-C (5V/2A)
• Dimensions approx. 60 x 60 x 26mm

For further information please contact us.