Portnox CLEAR Licensing Guide · The following Premium Support licenses are available: Part Number Premium Support add-on CLR-SPT-0250-1Y Portnox CLEAR License Premium Support 0-250

Portnox CLEAR

Licensing Guide August 2019

2

Portnox CLEAR Licensing Guide

Table of Contents

Introduction ................................................................................................................................................... 3

Base Subscription Tiers .................................................................................................................................. 4

Free & CLEAR License ................................................................................................................................ 4

Essentials License ...................................................................................................................................... 5

Enterprise License ..................................................................................................................................... 7

Add-on Licenses ........................................................................................................................................... 10

AgentP License ........................................................................................................................................ 10

Extended Guest Account Package ........................................................................................................... 11

Extended SMS Package ............................................................................................................................ 11

Premium Support License ....................................................................................................................... 11

Professional Services License .................................................................................................................. 12

Appendix A – Base subscription tiers summary table ................................................................................. 13

Appendix B – Add-ons summary table ........................................................................................................ 14

About Portnox ............................................................................................................................................. 15

3


Introduction Portnox CLEAR is a cloud-based Software as a Service, which provides secure network access control for

corporate devices, BYOD, and IoT, as well as employees, contractors and guests, across any multivendor

wired, wireless and VPN infrastructure.

At a high level, Portnox CLEAR offers the following license options (described in detail below):

Evaluation – A free 45-day trial subscription plan, with all capabilities enabled.

To keep the solution operational, the organization must upgrade to one of the paid subscription

tiers (Essentials or Enterprise) before trial expiration.

Three base subscription tiers, depending on the customer network layer and use case:

o Free & CLEAR – A free 1-year subscription plan for up to 10 devices, which includes basic

wireless access control capabilities.

o Essentials subscription tier – includes features for secure wireless access.

o Enterprise subscription tier – includes features for both wireless and wired secure access,

including advanced device profiling and eco system plug-ins.

Five add-on licenses for additional functionality on top of any paid base subscription tier,

depending on the intended use case:

o AgentP - provides endpoint continuous risk posture assessments over wireless, wired and

VPN connections

o Premium 24x7 level support

o Extended Guest account package

o Extended SMS package

o Professional Services

This document describes the licensing options available from the Portnox CLEAR service.

For pricing, please contact us.

mailto:[email protected]

4


Base Subscription Tiers

The Portnox CLEAR base subscription tiers are considered the base license for the entire organization

and therefore cannot be mixed. The base subscription tier is available in one of three types – Free &

CLEAR, Essentials or Enterprise. See Appendix A for a full summary of the features available for each

type.

Each base tier offers a different set of capabilities to best address the main access control use cases, as

well as define the number of allowed devices.

License consumption is based on the number of unique network-connected devices (including BYOD,

managed devices and IoT). Device uniqueness is generally determined either by the AgentP installed on

devices, or by unique MAC addresses.

Devices are considered inactive and removed from the CLEAR license only if they had not accessed the

corporate network for the past 4 days. Alternatively, devices can be manually removed using the CLEAR

portal's Devices page. Data regarding removed devices is archived.

In addition, Portnox CLEAR allows organizations to be temporarily over-provisioned, with up to 20%

additional connected devices on top of the license quota, so temporarily exceeding the quota does not

block devices out of the network.

The organization’s admin can monitor the acquired subscription tier, expiration date and quotas on the

CLEAR portal’s Help > Subscription Plan page.

Features and capabilities that are not available in the chosen subscription tier are greyed out in the

portal. Static data is visible but no actions can be executed on it.

Free & CLEAR License

The Free & CLEAR license includes basic functionality designed to secure and control access to wireless

networks for 1 year and for up to 10 devices only. The Free & CLEAR license provides the following:

Authentication Services:

o Cloud RADIUS

o User/Computer account based authentication

o MAC Authentication Bypass

o Certificate based authentication

o Account lifecycle synchronizations

Account Directories:

o CLEAR directory

o Azure Active Directory

o G Suite

5


o OKTA (coming soon)

Wi-Fi Security:

o 802.1X authentication

Control - Group authorization policy

Onboarding

o Device onboarding and activation services

o Certificate enrollment services

o Device provisioning services

The Free & CLEAR subscription tier does not allow the purchase of Add-on functionality (e.g. AgentP)

unless it is upgraded to either the Essentials or the Enterprise base subscription tier. In addition, the Free

& CLEAR subscription tier does not include vendor support.

The following Free & CLEAR license is available:

Part Number Free & CLEAR subscription

CLR-FREE-10-1Y Portnox CLEAR License Free & CLEAR 0-10 devices 1 year

Essentials License

Essentials license includes features designed to secure and control access to wireless networks. It

provides the following:


o Cloud RADIUS






o CLEAR directory


o G Suite


o MS Active Directory

6


o OpenLDAP

Wi-Fi Security:


o Dynamic VLAN / ACL Assignment

o Post Connect Authorization (via CoA)

Guest Access:

o Customizable captive portal

o Guest accounts – up to 25 authenticated guest accounts per day (or up to the number of

devices under the base subscription, whichever is lower)

o Self-onboarding for guests

o Sponsor-based guest onboarding

o SMS-based guest onboarding – up to 100 SMS onboardings per month

Control - Group authorization policy

Onboarding:




Reporting – Devices and activities report

Support – Business hours only

The Essentials base subscription tier can be upgraded to the Enterprise tier at any time during the

subscription period.

The following Essentials licenses are available:

Part Number Essentials subscription

CLR-ESN-0250-1Y Portnox CLEAR License Essentials 0-250 devices 1 year

CLR-ESN-0250-3Y Portnox CLEAR License Essentials 0-250 devices 3 years







CLR-ESN-5000P-1Y Portnox CLEAR License Essentials 5000+ devices 1 year

7


Part Number Essentials subscription

CLR-ESN-5000P-3Y Portnox CLEAR License Essentials 5000+ devices 3 years

Enterprise License

The Enterprise license includes features designed to secure and control access to both wired and

wireless networks, including advanced device profiling and eco system plug-ins. It provides the following:


o Cloud RADIUS





o Local failover


o CLEAR directory


o G Suite


o MS Active Directory

o OpenLDAP

Wi-Fi Security:




Wired Security:




Guest Access:

o Customizable captive portal

8


o Guest accounts – up to 50 authenticated guest accounts per day (or up to the number of

devices under the base subscription, whichever is lower)

o Self-onboarding for guests

o Sponsor-based guest onboarding

o SMS-based guest onboarding – up to 100 SMS onboarding per month

Control:

o Group authorization policy

o Dynamic group assignment per device type

Onboarding:




Reporting:

o Devices and activities report

o Security-compliance report

Endpoint profiling:

o Windows agentless profiler

o IoT profiler

Plug-ins:

o SIEM

o MS Intune

o MFA Admin access (SMS)

o Web SSO for Admin access

o RESTful API

Support:

o Business hours only

The following Enterprise licenses are available:

Part Number Enterprise subscription

CLR-ENT-0250-1Y Portnox CLEAR License Enterprise 0-250 devices 1 year

CLR-ENT-0250-3Y Portnox CLEAR License Enterprise 0-250 devices 3 years


9


Part Number Enterprise subscription






CLR-ENT-5000P-1Y Portnox CLEAR License Enterprise 5000+ devices 1 year

CLR-ENT-5000P-3Y Portnox CLEAR License Enterprise 5000+ devices 3 years

10


Add-on Licenses Portnox CLEAR offers five types of ‘add-on’ licenses that can be purchased on top of any paid base

subscription tier.

AgentP License

The AgentP license offers an agent for Windows, OSX, Android, iOS and Linux devices, which provides

endpoint continuous risk posture assessments and risk-based access to wireless, wired and VPN layers.

The AgentP license is consumed per each enrolled and registered device agent. Removal of AgentP from

the device, removes it also from the license.

Portnox AgentP capabilities include:

VPN authentication (Active Directory / Open LDAP)

VPN Multi Factor authentication (MFA)

VPN strong authentication based on device identity

Continuous risk assessment

Risk-based access-control policies - Wired, Wireless, VPN

Application risk-based access - OKTA integration

Palo Alto networks integration

MS DirectAccess Integration

Remediation (coming soon)

Certificate auto-enrollment

The following AgentP licenses are available:

Part Number AgentP add-on

CLR-AGTP-0250-1Y Portnox CLEAR License AgentP 0-250 devices 1 year

CLR-AGTP-0250-3Y Portnox CLEAR License AgentP 0-250 devices 3 years







CLR-AGTP-5000P-1Y Portnox CLEAR License AgentP 5000+ devices 1 year

CLR-AGTP-5000P-3Y Portnox CLEAR License AgentP 5000+ devices 3 years

11


Extended Guest Account Package

The Extended Guest Account package offers an additional 50 authenticated guest accounts per day.

The following Extended Guest Account licenses are available:

Part Number Guests add-on

CLR-GST-0050-1Y Portnox CLEAR License Guest 50 Pack 1 year

CLR-GST-0050-3Y Portnox CLEAR License Guest 50 Pack 3 years

Extended SMS Package

The Extended SMS package offers 1000 additional SMS-based guest onboardings.

The following Extended SMS licenses are available:

Part Number SMS Add-on

CLR-SMS-1000-1Y Portnox CLEAR License SMS 1000 Pack 1 year

CLR-SMS-1000-3Y Portnox CLEAR License SMS 1000 Pack 3 years

Premium Support License

The Premium Support license offers extended 24x7 support, compared with the default support level

which includes business hours only. This license must be applied to all devices under the base

subscription.

The following Premium Support licenses are available:

Part Number Premium Support add-on

CLR-SPT-0250-1Y Portnox CLEAR License Premium Support 0-250 devices 1 year

CLR-SPT-0250-3Y Portnox CLEAR License Premium Support 0-250 devices 3 years







CLR-SPT-5000P-1Y Portnox CLEAR License Premium Support 5000+ devices 1 year

CLR-SPT-5000P-3Y Portnox CLEAR License Premium Support 5000+ devices 3 years

12


Professional Services License

The Portnox Professional Services license offers various add-ons per deployment. These include:

An Onboarding package for Essential subscription setup. This package consists of up to 3 hours of

remote Professional Services support.

An Onboarding package for Enterprise subscription setup. This package consists of up to 5 hours

of remote Professional Services support.

1 hour of remote Professional Services

1 day of on-site Professional Services (travel expenses not included)

Training Package. This license offers a 1 day remote customer-training session for up to

7-participants, preformed on the customer's deployed system

The following Professional Services licenses are available:

Part Number Professional Services Add-on

CLR-PS-ONB-ESN Portnox CLEAR License Onboarding PS Pack Essentials (up to 3 hours)

CLR-PS-ONB-ENT Portnox CLEAR License Onboarding PS Pack Enterprise (up to 5 hours)

CLR-PS-HOUR-REMOTE Portnox CLEAR License Remote Professional Services 1 hour

CLR-PS-DAY-LOCAL Portnox CLEAR License On-site Professional Services 1 day

CLR-PS-EDU Portnox CLEAR License Customer Training

13


Appendix A – Base subscription tiers summary table Capability Feature Free & CLEAR Essentials Enterprise

Authentication Services

Cloud RADIUS V V V

User/Computer account based authentication

V V V

MAC Authentication Bypass V V V

Certificate based authentication V V V

Account lifecycle synchronizations V V V

Local failover V

Account Directories

CLEAR directory V V V

Azure Active Directory V V V

G Suite V V V

OKTA (coming soon) V V V

MS Active Directory V V

OpenLDAP V V

Wi-Fi Security

802.1X authentication V V V

Dynamic VLAN / ACL Assignment V V

Post Connect Authorization V V

Wired Security

802.1X authentication V

Dynamic VLAN / ACL Assignment V

Post Connect Authorization V

Guest Access

Customizable captive portal V V

Guest accounts Up to 25 guests per day

Up to 50 guests per day

Self-onboarding for guests V V

Sponsor-based guest onboarding V V

SMS-based guest onboarding Up to 100 SMS per month

Up to 100 SMS per month

Control

Group authorization policy V V V

Dynamic group assignment per device type

V

Onboarding

Device onboarding and activation services

V V V

Certificate enrollment services V V V

Device provisioning services V V V

Reporting Devices and activities report V V

Security-compliance report V

Endpoint Profiling

Windows agentless profiler V

IoT Profiler V

14


Capability Feature Free & CLEAR Essentials Enterprise

Plugins

SIEM V

MS Intune V

MFA Admin access (SMS) V

Web SSO for Admin access V

RESTful API V

Support Business hours V V

Appendix B – Add-ons summary table Add-ons Details

CLEAR AgentP VPN Authentication (Active Directory / Open LDAP)

VPN Multi Factor authentication (MFA)

VPN Strong authentication based on device identity

Continuous Risk Assessment

Risk Based Access control policies - Wired, Wireless, VPN

Application Risk Based Access - OKTA integration

Palo Alto Networks Integration

MS Direct Access Integration

Remediation (coming soon)

Certificate auto-enrollment

Extended Guest Package Additional 50 guest accounts

Additional SMS Package Additional 1000 SMS-based guest onboardings

Premium Support 24x7

Onboarding PS package for Essentials Up to 3 remote Professional Services hours

Onboarding PS package for Enterprise Up to 5 remote Professional Services hours

Professional Services (Remote) Remote Professional Services session (hourly)

Professional Services (on-site) On-site Professional Services session (daily)

Customer Training 1 day remote training session for up to 7 participants

15


About Portnox Portnox secures connected organizations’ corporate networks utilizing its next-generation network

access control and management solutions. Portnox’s solutions manage every user and every device –

including Internet of Things (IoT), BYOD, mobile and managed devices – accessing the network,

anywhere.

Founded in 2007, Portnox provides its global customers with a complete view of device and network

visibility, reducing security risks and improving network control. Portnox offers two solutions – CORE for

On-Premise NAC and CLEAR for cloud-based NAC – allowing companies to grow, optimize, and evolve

their infrastructure while maintaining the upmost security and compliance. The company was recognized

by Gartner as a pure-play security vendor of network access control solutions and is a recipient of the

2016 Global Frost & Sullivan Award for Competitive Strategy Innovation and Leadership, among other

Security Industry Awards. Portnox has offices in the U.S. and in Europe. www.portnox.com

To find out more about Portnox CLEAR subscription tier plans, contact us!

https://www.portnox.com/

mailto:[email protected]

Documents

Portnox CLEAR Licensing Guide · The following Premium Support licenses are available: Part Number Premium Support add-on CLR-SPT-0250-1Y Portnox CLEAR License Premium Support 0-250