SOLUTIONGUIDE

NETWORK INTELLIGENCE PLATFORM™ The unprecedented proliferation of network-attached IT, IoT and IoMT

devices within the enterprise has dramatically expanded the attack

surface in organizations of all sizes and across all industries. Unknown

and unmanaged devices account for nearly two-thirds of all endpoints

on an enterprise network - posing significant risk today and even greater

risk in the future. In fact, Gartner estimates that IoT endpoints will grow

to 25 billion by 2021 and, meanwhile, an increasingly sophoisticated

network of cyberattackers are actively working to exploit known device

vulnerabilities. The consquences of a device breach can inflict significant

organizational damage – from financial loss and brand reputation, to

compromising critical medical therapies and patient life-safety. Analysts and

security experts agree: the time to take steps to mitigate IoT device risks is

now.

The Great Bay Network Intelligence Platform™ is designed to discover,

profile, and monitor all network-attached endpoints – in real-time

and without an agent. Our platform is the only real-time visibility and

enforcement solution proven to deliver device discovery, robust profiling,

continuous behavior monitoring, and flexible remediation at enterprise

scale. In fact, we have supported more than 1.5 million devices in a single

instance, the largest known deployment in the industry, and we have a

100% implementation success rate among our customers. Unlike other

tools on the market, Great Bay’s Network Intelligence Platform provides

complete visibility into all network-connected endpoints, including IT,

IoT and IoMT devices, authorized and unauthorized, across complex

wired and wireless networks. We arm IT, Security, Compliance, Clinical

and Operations teams with a comprehensive view of all endpoint risk

-- presented in an intuitive interface that enables professionals to quickly

identify, understand and mitigate risk within 2-3 clicks.

QUICK FACTS

• Agentless architecture

• Proven to scale to 1.5 million devices on a single system

• Multiple passive and real-time data collection methods

• Comprehensive device profile library – Thousands of pre-built device profiles, including IoT/ IoMT/IT devices

• Real-time behavior monitoring and active response

• Risk Intelligence, scoring & mitigation

• Granular device authentication and control

• Open platform with bidirectional APIs for seamless integration

• 6th Generation Product suite

greatbaysoftware.com

REAL-TIME BEHAVIOR MONITORING & GRANULAR CONTROLThe Great Bay Network Intelligence Platform™ analyzes the identity

and behavioral attributes of endpoints on the network and uses these

attributes to assign every device to a group, called a profile. Each profile

is a logical container holding one or more endpoints with similar function,

capability or other defining characteristics. When identified, the platform

attaches an Identity Score to the device. The Identity Score is calculated

based off the rule(s) in the profile that test true for the device. Profile

rules and Identity scores are used to determine which profile is the best

match for the endpoint.

The Great Bay Network Intelligence Platform™ identifies real-time events

such as endpoints being added to the network, duplicate MAC addresses

and changes in identity and behavioral attributes of a device. When one

or more attributes of a device change, the platform evaluates whether or

not the observed change warrants an adjustment of the existing endpoint

profile. If a change in profile is warranted, the solution transitions the

endpoint profile, triggers an event and automates a preferred remediation

action such as alerting, quarantine or port blocking. The Great Bay

Network Intelligence Platform™ can even automate a change in the

access provided by the authentication system for the particular endpoint,

thereby removing or changing network access permissions.

CUSTOMER BENEFITS

• Discover, profile and locate all your connected devices

• Assess and mitigate device risk

• Enable dynamic network segmentation

• Integrate with the ecosystem and orchestrate workflows

• Enhance existing asset management systems through real-time data updates

• Facilitate and plan network upgrades and end-of-life cycling

• Simplify and streamline onboarding of new devices during M&A

• Reduce or eliminate manual,

resource-intensive asset

inventory and profiling

processes.

• Meet compliance regulations by maintaining a comprehensive, up-to-date inventory of network assets

• Automate and speed remediation workflows and ensure security compliance and continuity

• Monitor device behaviors in real-time

• Verify device identity, authenticate and control

HOW THE GREAT BAY NETWORK INTELLIGENCE PLATFORM™ WORKSUNMATCHED VISIBILITYThe Great Bay Network Intelligence Platform™ both passively and actively

gathers informational device attributes from a variety of data collection

sources including DHCP, SNMP polling, SNMP traps, NetFlow/J-Flow/

sFlow, Active Directory, RADIUS Accounting, network traffic (SPAN),

DNS, just to name a few. Once collected, the rich, contextual endpoint

data is aggregated into our Warehouse of Context™ and continuously

leveraged to identify, locate, and monitor both managed and unmanaged

endpoints in real time. To outpace ever-changing new IT, IoT and IoMT

devices, our platform is supported by a crowdsourced AI/ML assisted

profiling system.

greatbaysoftware.com

DYNAMIC NETWORK SEGMENTATIONNetwork segmentation is a best practice for security and compliance that

is increasingly impractical to implement and maintain in large corporate

environments. While creating network security zones with access

control lists and firewall rules can be done, the cost, complexity and

administrative overhead of maintaining these address-based approaches

has become prohibitive.

The Great Bay Network Intelligence Platform™ applies device identity-

based network segmentation approach controlling the visibility of and

access to network resources at the earliest possible time. It dynamically

learns devices identity and automates network security policies and

actions aligned with the permitted devices profiles, without user or

administrator action.

RISK INTELLIGENCE & SCORINGThe Great Bay Network Intelligence Platform™ leverages and correlates

inputs from multiple risk indicators and calculates a risk score based on

each organization’s unque environment. These weighted factors that

influence the overall enterprise risk score can be weighted as needed,

and include identified security risks associated with device’s Operating

Systems, identified security issues associated with communication across

unsecured protocols, identified security risks associated with the device

profile of residence, and any ingested vulnerability and risk information

from external sources such as Vulnerability Management systems). The

platform calculates the risk scoring for each individual device and across

all connected IoT devices and enables teams to segment based on device

type and category. For example, a healthcare organization can look at

overall risk, as well as drill down on MoDT or IoT. The risk assessment and

scoring process is fully automated, and the risk scoring is continuously

updated in real-time.

greatbaysoftware.com

THE GREAT BAY DIFFERENCE

greatbaysoftware.com

WHY GREAT BAY

• Comprehensive Device Profiling Library

• Largest IoT Device Implementation

• Comprehensive Data Collection Methods

• Crowdsourced AI/ML assisted Profiling

• Real-time Behavior Monitoring• Granular Control & Active Response

• Risk Intelligence & Scoring

• Dynamic Network Segmentation

• Tight ServiceNow Integration

• NAC or 802.1X Enablement

• Vendor Agnostic

• Simplified Device Onboarding for M&A

• All-inclusive Subscription Model

• On Premise Data Model

• Intuitive Interface & Workflows

PROVEN INDUSTRY-LEADING SCALE & RESULTS• The Great Bay Network Intelligence Platform™ supports the industry’s

largest IoT device implementation, with more than 1.5 million endpoints

on a single production server deployed in HA.

• Great Bay Network Intelligence Platform™ capability to offload device

authentication from traditional NAC systems has supported a much

more robust path to scale in the enterprise.

• The Great Bay Network Intelligence Platform™ ships with comprehensive

device profile library – thousands of pre-built device profiles including

IoT/IoMT/IT device profiles library fine-tuned over 14+ years.

• Crowdsourced AI/ML assisted profiling system enables our platform to

outpace the ever-changing new IoT devices.

• Our comprehensive, passive and real-time collection methods enable our

platform to collect and profile information from numerous data sources

and feeds, including SPAN. Our flexible collection techniques reduce

the network traffic overhead, ease demand of scarce IP ports to support

SPAN only implementation required by our competitors and allow for

more cost-effective implementation at enterprise scale.

MODULARITY AND EXTENSIBILITY• Tight ServiceNow Integration: Our ability to tightly integrate with

3rd party systems including asset management systems provides a

framework from which automated workflows and ticketing processes

are tied to device discovery and profiling as well as incident response

to security events such as profile changes that could be the result of

compromised or infected devices.

greatbaysoftware.com

• The modularity and extensibility of the Great Bay Network Intelligence

Platform™ provides a high degree of scale and fault tolerance.

• Each collector not only provides data collection for profiling, identity

and behavior monitoring, but can also be part of the centrally managed

and fully distributed RADIUS authenticator with a local copy of the

endpoint directory onboard.

NAC/802.1X ENABLEMENT• For well over a decade our visibility has been used to enable, augment

and ensure the successful deployment of 802.1X and industry-leading

NAC systems including PulseSecure, Aruba’s ClearPass, Cisco’s NAC

Appliance.

• Great Bay Network Intelligence Platform™ can communicate directly

with the infrastructure through our event-driven active response to

quarantine, isolate, or instruct the network to re-authenticate a session

based on the detection of an identity or behavior change.

• Great Bay Network Intelligence Platform™ can be the device

authenticator or the reauthentication process would go through the

central NAC system.

• Great Bay Network Intelligence Platform™ supports a truly vendor

agnostic deployment.

FLEXIBLE ENFORCEMENT• The Great Bay Network Intelligence Platform™ provides Security and

IT teams with the ability to automate enforcement responses in order

to balance the unique security requirements of each environment. It

provides a wide-range of automated responds and remediation actions

like systems alerts, device re-authentication or quarantine, or port

bouncing or blocking to prevent a threat in real time.

ALL-INCLUSIVE SUBSCRIPTION MODEL• One cost: Hardware refreshes and unlimited support all included at no

additional charges.

PROVEN TRACK RECORD AND SOFTWARE MATURITY• Great Bay Software has been securing enterprises for 14+ years.

Industry longevity with a proven track record of successful deployments,

in-house expertise and SMEs.

• The Great Bay Network Intelligence Platform™ is the 6th generation of

the product suite running version 6.1.0 as of September 2018, and it is

currently deployed in large size IoT implementations.

CUSTOMER TESTIMONIALS

“If our Great Bay platform goes down, our world is coming to an end. We would lose $1.8 million dollars per minute.”

Security Engineer at Large Healthcare Provider

“I was impressed at how easy to use the platform was. After just one meeting, I was able to show the rest of my team how to navigate the interface.”

Medical Director at Large Healthcare Provider

“Every medical device vendor is unique making it a tricky job to secure those devices…We would not be able to have an 802.1X secured environment without this tool.”

Manager of IT at Large Healthcare Provider

www.greatbaysoftware.com+1.763.251.1400

©2019 Great Bay Software, Inc. All rights reserved. OV-PROD-012018-01

BUSINESS USE CASES

Real-Time Endpoint Visibility Obtain a deep contextual understanding of what is connected to network (particularly

medical and IoT devices) and where they are located, eliminating blind spots that

could be used as a point of entry or access to protected data

Endpoint Risk Intelligence & Scoring

Stay ahead of the rising number of endpoint-focused attacks through automated

identification, scoring and reporting of endpoint risk based on attributes such as;

endpoint OS, use of unsecured protocols, profile, and 3rd party risk data

Real-Time Automated Asset Inventory

Reduction or reallocation of FTE resources by replacing manual efforts with

automated discovery and profiling of all network-connected assets including;

traditional, IoT, medical, managed, and unmanaged devices

Device Authentication Enablement

Ensuring successful NAC or 802.1X implementation by leveraging Great Bay’s

Warehouse of Context™ as the single source of truth for endpoint authorization while

increasing the scalability and fault tolerance of 3rd party systems

Secure IoT Network Access &

Onboarding

Automated access control and onboarding of IoT devices through endpoint discovery,

profiling, device-based authentication, dynamic network segmentation, and time-

based sponsorship as desired

Identity & Behavior Monitoring Monitor for and alert on changes in endpoint identity or behavior that could be

indicative of endpoint compromise, infection, malfunction, or attacks such as MAC

spoof attempts

Eco-Systems Integration & Workflow Automation

Increase the efficacy of the security architecture and asset management systems

through the sharing of endpoint attribute data and context while enabling dynamic

ticket generation and tracking

Rogue Device Detection Eliminates risk through automated identification, location, alerting, and isolation of

rogue and unauthorized devices in real time

Contractor Device Differentiation

Identification of all contractor devices and clear distinction between contractor and

BYOD to support differentiated network access and reduce the financial burden

associated with device assignment and early depreciation of assets

M&A and IoT Adoption Support Identification-based device discovery and endpoint profile trending over customizable

time periods offer-ing real-time views and scheduled reports supporting M&A and

technology adoption initiatives

Outsource and Contract Verification

Validating and potentially reducing contract cost associated with 3rd-party

outsourcing contracts and over-purchase of licensing through the automated

identification, and profiling of all network-connected assets

Accelerated Incident Response Reduce the time to respond to security incidents by leveraging endpoint context and

real-time and historical location information

Segmentation Policy Monitoring & Enforcement

Streamline operations and strengthen security by dynamically assigning network

access by segment or VLAN to endpoints by profile and then monitoring, and alerting

when segmentation policies are compro-mised

Regulatory and Security Framework Compliance

Meet the real-time asset discovery and access control requirements to support policy

compliance such as PCI DSS, HIPAA, SOX, GLBA, NERC CIP, NIST 800-171