Upload
others
View
20
Download
0
Embed Size (px)
Citation preview
Portnox CLEAR
Licensing Guide August 2019
2
Portnox CLEAR Licensing Guide
Table of Contents
Introduction ................................................................................................................................................... 3
Base Subscription Tiers .................................................................................................................................. 4
Free & CLEAR License ................................................................................................................................ 4
Essentials License ...................................................................................................................................... 5
Enterprise License ..................................................................................................................................... 7
Add-on Licenses ........................................................................................................................................... 10
AgentP License ........................................................................................................................................ 10
Extended Guest Account Package ........................................................................................................... 11
Extended SMS Package ............................................................................................................................ 11
Premium Support License ....................................................................................................................... 11
Professional Services License .................................................................................................................. 12
Appendix A – Base subscription tiers summary table ................................................................................. 13
Appendix B – Add-ons summary table ........................................................................................................ 14
About Portnox ............................................................................................................................................. 15
3
Portnox CLEAR Licensing Guide
Introduction Portnox CLEAR is a cloud-based Software as a Service, which provides secure network access control for
corporate devices, BYOD, and IoT, as well as employees, contractors and guests, across any multivendor
wired, wireless and VPN infrastructure.
At a high level, Portnox CLEAR offers the following license options (described in detail below):
Evaluation – A free 45-day trial subscription plan, with all capabilities enabled.
To keep the solution operational, the organization must upgrade to one of the paid subscription
tiers (Essentials or Enterprise) before trial expiration.
Three base subscription tiers, depending on the customer network layer and use case:
o Free & CLEAR – A free 1-year subscription plan for up to 10 devices, which includes basic
wireless access control capabilities.
o Essentials subscription tier – includes features for secure wireless access.
o Enterprise subscription tier – includes features for both wireless and wired secure access,
including advanced device profiling and eco system plug-ins.
Five add-on licenses for additional functionality on top of any paid base subscription tier,
depending on the intended use case:
o AgentP - provides endpoint continuous risk posture assessments over wireless, wired and
VPN connections
o Premium 24x7 level support
o Extended Guest account package
o Extended SMS package
o Professional Services
This document describes the licensing options available from the Portnox CLEAR service.
For pricing, please contact us.
4
Portnox CLEAR Licensing Guide
Base Subscription Tiers
The Portnox CLEAR base subscription tiers are considered the base license for the entire organization
and therefore cannot be mixed. The base subscription tier is available in one of three types – Free &
CLEAR, Essentials or Enterprise. See Appendix A for a full summary of the features available for each
type.
Each base tier offers a different set of capabilities to best address the main access control use cases, as
well as define the number of allowed devices.
License consumption is based on the number of unique network-connected devices (including BYOD,
managed devices and IoT). Device uniqueness is generally determined either by the AgentP installed on
devices, or by unique MAC addresses.
Devices are considered inactive and removed from the CLEAR license only if they had not accessed the
corporate network for the past 4 days. Alternatively, devices can be manually removed using the CLEAR
portal's Devices page. Data regarding removed devices is archived.
In addition, Portnox CLEAR allows organizations to be temporarily over-provisioned, with up to 20%
additional connected devices on top of the license quota, so temporarily exceeding the quota does not
block devices out of the network.
The organization’s admin can monitor the acquired subscription tier, expiration date and quotas on the
CLEAR portal’s Help > Subscription Plan page.
Features and capabilities that are not available in the chosen subscription tier are greyed out in the
portal. Static data is visible but no actions can be executed on it.
Free & CLEAR License
The Free & CLEAR license includes basic functionality designed to secure and control access to wireless
networks for 1 year and for up to 10 devices only. The Free & CLEAR license provides the following:
Authentication Services:
o Cloud RADIUS
o User/Computer account based authentication
o MAC Authentication Bypass
o Certificate based authentication
o Account lifecycle synchronizations
Account Directories:
o CLEAR directory
o Azure Active Directory
o G Suite
5
Portnox CLEAR Licensing Guide
o OKTA (coming soon)
Wi-Fi Security:
o 802.1X authentication
Control - Group authorization policy
Onboarding
o Device onboarding and activation services
o Certificate enrollment services
o Device provisioning services
The Free & CLEAR subscription tier does not allow the purchase of Add-on functionality (e.g. AgentP)
unless it is upgraded to either the Essentials or the Enterprise base subscription tier. In addition, the Free
& CLEAR subscription tier does not include vendor support.
The following Free & CLEAR license is available:
Part Number Free & CLEAR subscription
CLR-FREE-10-1Y Portnox CLEAR License Free & CLEAR 0-10 devices 1 year
Essentials License
Essentials license includes features designed to secure and control access to wireless networks. It
provides the following:
Authentication Services:
o Cloud RADIUS
o User/Computer account based authentication
o MAC Authentication Bypass
o Certificate based authentication
o Account lifecycle synchronizations
Account Directories:
o CLEAR directory
o Azure Active Directory
o G Suite
o OKTA (coming soon)
o MS Active Directory
6
Portnox CLEAR Licensing Guide
o OpenLDAP
Wi-Fi Security:
o 802.1X authentication
o Dynamic VLAN / ACL Assignment
o Post Connect Authorization (via CoA)
Guest Access:
o Customizable captive portal
o Guest accounts – up to 25 authenticated guest accounts per day (or up to the number of
devices under the base subscription, whichever is lower)
o Self-onboarding for guests
o Sponsor-based guest onboarding
o SMS-based guest onboarding – up to 100 SMS onboardings per month
Control - Group authorization policy
Onboarding:
o Device onboarding and activation services
o Certificate enrollment services
o Device provisioning services
Reporting – Devices and activities report
Support – Business hours only
The Essentials base subscription tier can be upgraded to the Enterprise tier at any time during the
subscription period.
The following Essentials licenses are available:
Part Number Essentials subscription
CLR-ESN-0250-1Y Portnox CLEAR License Essentials 0-250 devices 1 year
CLR-ESN-0250-3Y Portnox CLEAR License Essentials 0-250 devices 3 years
CLR-ESN-1000-1Y Portnox CLEAR License Essentials 250-1000 devices 1 year
CLR-ESN-1000-3Y Portnox CLEAR License Essentials 250-1000 devices 3 years
CLR-ESN-2500-1Y Portnox CLEAR License Essentials 1000-2500 devices 1 year
CLR-ESN-2500-3Y Portnox CLEAR License Essentials 1000-2500 devices 3 years
CLR-ESN-5000-1Y Portnox CLEAR License Essentials 2500-5000 devices 1 year
CLR-ESN-5000-3Y Portnox CLEAR License Essentials 2500-5000 devices 3 years
CLR-ESN-5000P-1Y Portnox CLEAR License Essentials 5000+ devices 1 year
7
Portnox CLEAR Licensing Guide
Part Number Essentials subscription
CLR-ESN-5000P-3Y Portnox CLEAR License Essentials 5000+ devices 3 years
Enterprise License
The Enterprise license includes features designed to secure and control access to both wired and
wireless networks, including advanced device profiling and eco system plug-ins. It provides the following:
Authentication Services:
o Cloud RADIUS
o User/Computer account based authentication
o MAC Authentication Bypass
o Certificate based authentication
o Account lifecycle synchronizations
o Local failover
Account Directories:
o CLEAR directory
o Azure Active Directory
o G Suite
o OKTA (coming soon)
o MS Active Directory
o OpenLDAP
Wi-Fi Security:
o 802.1X authentication
o Dynamic VLAN / ACL Assignment
o Post Connect Authorization (via CoA)
Wired Security:
o 802.1X authentication
o Dynamic VLAN / ACL Assignment
o Post Connect Authorization (via CoA)
Guest Access:
o Customizable captive portal
8
Portnox CLEAR Licensing Guide
o Guest accounts – up to 50 authenticated guest accounts per day (or up to the number of
devices under the base subscription, whichever is lower)
o Self-onboarding for guests
o Sponsor-based guest onboarding
o SMS-based guest onboarding – up to 100 SMS onboarding per month
Control:
o Group authorization policy
o Dynamic group assignment per device type
Onboarding:
o Device onboarding and activation services
o Certificate enrollment services
o Device provisioning services
Reporting:
o Devices and activities report
o Security-compliance report
Endpoint profiling:
o Windows agentless profiler
o IoT profiler
Plug-ins:
o SIEM
o MS Intune
o MFA Admin access (SMS)
o Web SSO for Admin access
o RESTful API
Support:
o Business hours only
The following Enterprise licenses are available:
Part Number Enterprise subscription
CLR-ENT-0250-1Y Portnox CLEAR License Enterprise 0-250 devices 1 year
CLR-ENT-0250-3Y Portnox CLEAR License Enterprise 0-250 devices 3 years
CLR-ENT-1000-1Y Portnox CLEAR License Enterprise 250-1000 devices 1 year
9
Portnox CLEAR Licensing Guide
Part Number Enterprise subscription
CLR-ENT-1000-3Y Portnox CLEAR License Enterprise 250-1000 devices 3 years
CLR-ENT-2500-1Y Portnox CLEAR License Enterprise 1000-2500 devices 1 year
CLR-ENT-2500-3Y Portnox CLEAR License Enterprise 1000-2500 devices 3 years
CLR-ENT-5000-1Y Portnox CLEAR License Enterprise 2500-5000 devices 1 year
CLR-ENT-5000-3Y Portnox CLEAR License Enterprise 2500-5000 devices 3 years
CLR-ENT-5000P-1Y Portnox CLEAR License Enterprise 5000+ devices 1 year
CLR-ENT-5000P-3Y Portnox CLEAR License Enterprise 5000+ devices 3 years
10
Portnox CLEAR Licensing Guide
Add-on Licenses Portnox CLEAR offers five types of ‘add-on’ licenses that can be purchased on top of any paid base
subscription tier.
AgentP License
The AgentP license offers an agent for Windows, OSX, Android, iOS and Linux devices, which provides
endpoint continuous risk posture assessments and risk-based access to wireless, wired and VPN layers.
The AgentP license is consumed per each enrolled and registered device agent. Removal of AgentP from
the device, removes it also from the license.
Portnox AgentP capabilities include:
VPN authentication (Active Directory / Open LDAP)
VPN Multi Factor authentication (MFA)
VPN strong authentication based on device identity
Continuous risk assessment
Risk-based access-control policies - Wired, Wireless, VPN
Application risk-based access - OKTA integration
Palo Alto networks integration
MS DirectAccess Integration
Remediation (coming soon)
Certificate auto-enrollment
The following AgentP licenses are available:
Part Number AgentP add-on
CLR-AGTP-0250-1Y Portnox CLEAR License AgentP 0-250 devices 1 year
CLR-AGTP-0250-3Y Portnox CLEAR License AgentP 0-250 devices 3 years
CLR-AGTP-1000-1Y Portnox CLEAR License AgentP 250-1000 devices 1 year
CLR-AGTP-1000-3Y Portnox CLEAR License AgentP 250-1000 devices 3 years
CLR-AGTP-2500-1Y Portnox CLEAR License AgentP 1000-2500 devices 1 year
CLR-AGTP-2500-3Y Portnox CLEAR License AgentP 1000-2500 devices 3 years
CLR-AGTP-5000-1Y Portnox CLEAR License AgentP 2500-5000 devices 1 year
CLR-AGTP-5000-3Y Portnox CLEAR License AgentP 2500-5000 devices 3 years
CLR-AGTP-5000P-1Y Portnox CLEAR License AgentP 5000+ devices 1 year
CLR-AGTP-5000P-3Y Portnox CLEAR License AgentP 5000+ devices 3 years
11
Portnox CLEAR Licensing Guide
Extended Guest Account Package
The Extended Guest Account package offers an additional 50 authenticated guest accounts per day.
The following Extended Guest Account licenses are available:
Part Number Guests add-on
CLR-GST-0050-1Y Portnox CLEAR License Guest 50 Pack 1 year
CLR-GST-0050-3Y Portnox CLEAR License Guest 50 Pack 3 years
Extended SMS Package
The Extended SMS package offers 1000 additional SMS-based guest onboardings.
The following Extended SMS licenses are available:
Part Number SMS Add-on
CLR-SMS-1000-1Y Portnox CLEAR License SMS 1000 Pack 1 year
CLR-SMS-1000-3Y Portnox CLEAR License SMS 1000 Pack 3 years
Premium Support License
The Premium Support license offers extended 24x7 support, compared with the default support level
which includes business hours only. This license must be applied to all devices under the base
subscription.
The following Premium Support licenses are available:
Part Number Premium Support add-on
CLR-SPT-0250-1Y Portnox CLEAR License Premium Support 0-250 devices 1 year
CLR-SPT-0250-3Y Portnox CLEAR License Premium Support 0-250 devices 3 years
CLR-SPT-1000-1Y Portnox CLEAR License Premium Support 250-1000 devices 1 year
CLR-SPT-1000-3Y Portnox CLEAR License Premium Support 250-1000 devices 3 years
CLR-SPT-2500-1Y Portnox CLEAR License Premium Support 1000-2500 devices 1 year
CLR-SPT-2500-3Y Portnox CLEAR License Premium Support 1000-2500 devices 3 years
CLR-SPT-5000-1Y Portnox CLEAR License Premium Support 2500-5000 devices 1 year
CLR-SPT-5000-3Y Portnox CLEAR License Premium Support 2500-5000 devices 3 years
CLR-SPT-5000P-1Y Portnox CLEAR License Premium Support 5000+ devices 1 year
CLR-SPT-5000P-3Y Portnox CLEAR License Premium Support 5000+ devices 3 years
12
Portnox CLEAR Licensing Guide
Professional Services License
The Portnox Professional Services license offers various add-ons per deployment. These include:
An Onboarding package for Essential subscription setup. This package consists of up to 3 hours of
remote Professional Services support.
An Onboarding package for Enterprise subscription setup. This package consists of up to 5 hours
of remote Professional Services support.
1 hour of remote Professional Services
1 day of on-site Professional Services (travel expenses not included)
Training Package. This license offers a 1 day remote customer-training session for up to
7-participants, preformed on the customer's deployed system
The following Professional Services licenses are available:
Part Number Professional Services Add-on
CLR-PS-ONB-ESN Portnox CLEAR License Onboarding PS Pack Essentials (up to 3 hours)
CLR-PS-ONB-ENT Portnox CLEAR License Onboarding PS Pack Enterprise (up to 5 hours)
CLR-PS-HOUR-REMOTE Portnox CLEAR License Remote Professional Services 1 hour
CLR-PS-DAY-LOCAL Portnox CLEAR License On-site Professional Services 1 day
CLR-PS-EDU Portnox CLEAR License Customer Training
13
Portnox CLEAR Licensing Guide
Appendix A – Base subscription tiers summary table Capability Feature Free & CLEAR Essentials Enterprise
Authentication Services
Cloud RADIUS V V V
User/Computer account based authentication
V V V
MAC Authentication Bypass V V V
Certificate based authentication V V V
Account lifecycle synchronizations V V V
Local failover V
Account Directories
CLEAR directory V V V
Azure Active Directory V V V
G Suite V V V
OKTA (coming soon) V V V
MS Active Directory V V
OpenLDAP V V
Wi-Fi Security
802.1X authentication V V V
Dynamic VLAN / ACL Assignment V V
Post Connect Authorization V V
Wired Security
802.1X authentication V
Dynamic VLAN / ACL Assignment V
Post Connect Authorization V
Guest Access
Customizable captive portal V V
Guest accounts Up to 25 guests per day
Up to 50 guests per day
Self-onboarding for guests V V
Sponsor-based guest onboarding V V
SMS-based guest onboarding Up to 100 SMS per month
Up to 100 SMS per month
Control
Group authorization policy V V V
Dynamic group assignment per device type
V
Onboarding
Device onboarding and activation services
V V V
Certificate enrollment services V V V
Device provisioning services V V V
Reporting Devices and activities report V V
Security-compliance report V
Endpoint Profiling
Windows agentless profiler V
IoT Profiler V
14
Portnox CLEAR Licensing Guide
Capability Feature Free & CLEAR Essentials Enterprise
Plugins
SIEM V
MS Intune V
MFA Admin access (SMS) V
Web SSO for Admin access V
RESTful API V
Support Business hours V V
Appendix B – Add-ons summary table Add-ons Details
CLEAR AgentP VPN Authentication (Active Directory / Open LDAP)
VPN Multi Factor authentication (MFA)
VPN Strong authentication based on device identity
Continuous Risk Assessment
Risk Based Access control policies - Wired, Wireless, VPN
Application Risk Based Access - OKTA integration
Palo Alto Networks Integration
MS Direct Access Integration
Remediation (coming soon)
Certificate auto-enrollment
Extended Guest Package Additional 50 guest accounts
Additional SMS Package Additional 1000 SMS-based guest onboardings
Premium Support 24x7
Onboarding PS package for Essentials Up to 3 remote Professional Services hours
Onboarding PS package for Enterprise Up to 5 remote Professional Services hours
Professional Services (Remote) Remote Professional Services session (hourly)
Professional Services (on-site) On-site Professional Services session (daily)
Customer Training 1 day remote training session for up to 7 participants
15
Portnox CLEAR Licensing Guide
About Portnox Portnox secures connected organizations’ corporate networks utilizing its next-generation network
access control and management solutions. Portnox’s solutions manage every user and every device –
including Internet of Things (IoT), BYOD, mobile and managed devices – accessing the network,
anywhere.
Founded in 2007, Portnox provides its global customers with a complete view of device and network
visibility, reducing security risks and improving network control. Portnox offers two solutions – CORE for
On-Premise NAC and CLEAR for cloud-based NAC – allowing companies to grow, optimize, and evolve
their infrastructure while maintaining the upmost security and compliance. The company was recognized
by Gartner as a pure-play security vendor of network access control solutions and is a recipient of the
2016 Global Frost & Sullivan Award for Competitive Strategy Innovation and Leadership, among other
Security Industry Awards. Portnox has offices in the U.S. and in Europe. www.portnox.com
To find out more about Portnox CLEAR subscription tier plans, contact us!