The Broker series is available in a 30-day fully functional evaluation version so that you may evaluate the Broker series against your use cases.
True and correct information is required as your request will be reviewed by one of our team members prior to approval. A one-time download link will be issued once your request has been approved.
Your application has been submitted. We will review your request and respond within 24-48 hours.Interested in hearing more, or would like to reach out? Simply complete the following fields and we’ll get back to you within 24 hours.
Your details have been received. We will endeavour to reply within 24 hours.The Broker series from Plenary Logic is a virtual machine that provides username and IP address correlation services for next-generation firewalls. Identity information discovered by Broker is provided to the next-generation firewall so that it may enforce policy based on user-identity instead of IP subnets.
The Broker is available as two solutions.
Broker integration is simple and seamless. Install the Broker virtual machine on your hypervisor and configure Broker to collect, collate and send identity information to your next-generation firewall using the API. There’s no need for custom CPU-intensive regular-expressions, bespoke scripts or SNMP conversion to extract username and IP addresses. Broker is a standalone solution that is supported and purpose built for username and IP address correlation, no matter what the environment may present.
Additional features of Broker can be found in PDF format here.
The clientless mode of operation integrates Broker directly with your authentication and DHCP services and picks up events as they happen. This information is then intelligently distributed to one or many next-generation firewalls.
The clientless mode of operation is particularly suited for the following.
Integration of the clientless Broker solution requires access to your authentication and DHCP service and Hypervisor resources as those prescribed in the Broker data sheet.
The Broker Client™ mode of operation uses a light-weight user client that operates as a background process. The access client for Broker provides username and IP address information to the Broker virtual machine, which is used to correlate identity, and to time out identity information on the firewall when users are no longer on your network.
The Broker Client™ is particularly suited for the following.
The Broker Client™ supports both Microsoft Windows and Apple OSX operating systems.
Integration of the Broker Client™ solution requires the access client to be distributed on end user machines, and Hypervisor resources as those prescribed in the Broker data sheet.
Broker Server and Broker Client support a number of different topology types. The topology types account for scale, quantities of next generation firewalls, and various sources of identity information.
The latest set of deployment practices can be found here.
The Broker series of software appliances are supported on VMware ESXi and Microsoft Hyper-V virtualisation platforms.
Broker Series | Resources |
---|---|
BROKER-1000 |
1 GB 1 vCPU 20 GB HDD |
BROKER-3000 |
2 GB 1 vCPU 50 GB HDD |
BROKER-5000 |
4 GB 2 vCPU 100 GB HDD |
BROKER-7000 |
8 GB 4 vCPU 200 GB HDD |
The Balance series from Plenary Logic is a virtual machine that provides user focused reporting for next-generation firewalls. The IP address and username information that is discovered by Broker is used by Balance to provide detailed reports on end user activity, and to enforce dynamic bandwidth management on individual users.
Balance uses two tiers of information to generate the required detail of user activity. The first tier is Syslog information, which is used to identify URL activity, and the second is local information on the next-generation firewall.
This unique two-tiered approach ensures that you have the ability to,
Balance has been specifically built for the education sector, and is capable of reporting on students, classes, year levels and the entire school. Similarly, Balance can report on the enterprise with employee, branch, region and organisation based reports. Balance integration is simple and requires very few touch points. Install the Balance virtual machine on your hypervisor and configure Balance to collect information from your next-generation firewall using its API.
The reporting functionality of Balance provides administrators the ability to report on students and employees within seconds. Balance provides the ability to easily pin-point application, URL and category activity with a simple search function, and produce PDF reports that can be emailed to staff members.
The details within each report include accessed URLs with timestamps, bandwidth consumed by individual students, applications accessed and categories accessed.
The types of reports available are as follows,
The reports generated by Balance provide a ‘grade’ between 1 and 10 to individual students and employees, making it easy to identify individuals that access content that should be restricted, or you thought was restricted.
Providing visibility into URL activity is the first step to quickly acting on individuals that consume too much bandwidth. Balance is capable of monitoring a pre-set bandwidth quota, then dynamically adjusting the allocated bandwidth of an individual user if they breach the set limit.
Users can be identified as being in breach of bandwidth limits within 5 minutes, and their bandwidth is limited immediately after being detected.
A pre-defined period, such as a semester, a week or a month, is then used as the trigger to re-set the end users bandwidth restriction.
The Balance series of software appliances are supported on VMware ESXi and Microsoft Hyper-V virtualisation platforms.
Balance Series | Resources |
---|---|
BALANCE-1000 |
1 GB 1 vCPU 20 GB HDD |
BALANCE-3000 |
2 GB 1 vCPU 50 GB HDD |
BALANCE-5000 |
4 GB 2 vCPU 100 GB HDD |
BALANCE-7000 |
8 GB 4 vCPU 200 GB HDD |
The Bastion series from Plenary Logic provides secure bastion services that integrate with your next-generation firewall. The Bastion virtual appliance typically resides within a DMZ and provides third-party SSH access to various internal systems, for functions such as support of internal servers and systems.
Bastion is available as two solutions, which are as follows.
Bastion works by monitoring user logins, then associated source ports to users and updates the next-generation firewall product set via the XML API to permit or deny third-party access to systems. Ideal for environments that require secure third-party support, and for Linux operating systems where masquerading is possible.
Additional features of Bastion can be found in PDF format here.
The Bastion Server™ is a stand-alone, hardened virtual machine that is designed to associate source-ports to end users. Due to the nature of jump-hosts, where all users are sourced by the same source IP address, source ports need to be assigned to individual users and to be managed when users exit the system.
The Bastion Server™ dynamically detects user log in events, associates a source port range to each user, and provides the username and source port information to the next-generation firewall so that individual users can be identified by the next-generation firewall. This means that your next-generation firewall can now differentiate users by source port and therefore enforce the appropriate policy using user identity.
The Bastion Client™ has been developed for Linux based operating systems used by end-users, such as Apple OSX, and by servers using Linux. The Bastion Client is a root service that operates as a process and monitors login events on Linux based operating systems. When a login event is detected, a range of source ports are assigned to the user(s), and the next-generation firewall is informed, allowing you to detect and block masquerading users.
The Bastion Client™ is suitable for end user laptops/desktops, and servers.
The Bastion series of software appliances are supported on VMware ESXi and Microsoft Hyper-V virtualisation platforms.
Bastion Series | Resources |
---|---|
BASTION-1000 |
1 GB 1 vCPU 20 GB HDD |
BASTION-3000 |
2 GB 1 vCPU 50 GB HDD |
BASTION-5000 |
4 GB 2 vCPU 100 GB HDD |
BASTION-7000 |
8 GB 4 vCPU 200 GB HDD |