Broker Evaluation

The Broker series is available in a 30-day fully functional evaluation version so that you may evaluate the Broker series against your use cases.

True and correct information is required as your request will be reviewed by one of our team members prior to approval. A one-time download link will be issued once your request has been approved.

Your application has been submitted. We will review your request and respond within 24-48 hours.

Name
Company
Email
Submitting the application suggests that you have read and accept the Privacy Policy.
Please wait, we are processing your request...

Contact

Interested in hearing more, or would like to reach out? Simply complete the following fields and we’ll get back to you within 24 hours.

Your details have been received. We will endeavour to reply within 24 hours.

Name
Email
Message
Submitting the application suggests that you have read and accept the Privacy Policy.
Please wait, we are processing your request...

Plenary Logic Pty. Ltd.
Leval 2, 387 Little Bourke Street, Melbourne, Victoria  3000
(03) 9602 4103
Plenary Logic Pty. Ltd. | ABN 91 605 862 360
contact | support

plenarylogic

Enterprise grade, identity-focused products for your
next-generation firewall.

contact | support

Broker Series

Secure your applications with business logic, not IP subnets.

Read More...
contact | support

Balance Series

Quickly report on end user activity with usernames, not IP addresses.

Read More...
contact | support

Bastion Series

Stop users from masquerading through your network with dynamic user detection and policy enforcement.

Read More...

Broker.

Secure your applications with business logic, not IP subnets.

  • about
  • Broker Server™
  • Broker Client™
  • deployment
  • datasheet
  • evaluation
 
 
 
 

About

The Broker series from Plenary Logic is a virtual machine that provides username and IP address correlation services for next-generation firewalls. Identity information discovered by Broker is provided to the next-generation firewall so that it may enforce policy based on user-identity instead of IP subnets.

The Broker is available as two solutions.

  • A Broker Server™, ideal for the educational sector and BYOD environments.
  • A Broker Client™ solution, ideal for the enterprise when software on end-user devices can be installed and security is of upmost concern.

Broker integration is simple and seamless. Install the Broker virtual machine on your hypervisor and configure Broker to collect, collate and send identity information to your next-generation firewall using the API. There’s no need for custom CPU-intensive regular-expressions, bespoke scripts or SNMP conversion to extract username and IP addresses. Broker is a standalone solution that is supported and purpose built for username and IP address correlation, no matter what the environment may present.

Additional features of Broker can be found in PDF format here.

Broker Server™

The clientless mode of operation integrates Broker directly with your authentication and DHCP services and picks up events as they happen. This information is then intelligently distributed to one or many next-generation firewalls.

The clientless mode of operation is particularly suited for the following.

  • 802.1x wireless environments.
  • High volumes of authentication and DHCP events.
  • Bring Your Own Device (BYOD) environments.

Integration of the clientless Broker solution requires access to your authentication and DHCP service and Hypervisor resources as those prescribed in the Broker data sheet.

Broker Client™

The Broker Client™ mode of operation uses a light-weight user client that operates as a background process. The access client for Broker provides username and IP address information to the Broker virtual machine, which is used to correlate identity, and to time out identity information on the firewall when users are no longer on your network.

The Broker Client™ is particularly suited for the following.

  • 802.1x wireless environments.
  • High volumes of authentication and DHCP events.
  • Bring Your Own Device (BYOD) environments.
  • Roaming users (wired to wireless, and vice versa) without re-authentication.
  • Promptly removing identity from the firewall when users disconnect from the network.

The Broker Client™ supports both Microsoft Windows and Apple OSX operating systems.

Integration of the Broker Client™ solution requires the access client to be distributed on end user machines, and Hypervisor resources as those prescribed in the Broker data sheet.

Deployment

Broker Server and Broker Client support a number of different topology types. The topology types account for scale, quantities of next generation firewalls, and various sources of identity information.

The latest set of deployment practices can be found here.

Datasheet

The Broker series of software appliances are supported on VMware ESXi and Microsoft Hyper-V virtualisation platforms.

Broker Series Resources
BROKER-1000 1 GB
1 vCPU
20 GB HDD
BROKER-3000 2 GB
1 vCPU
50 GB HDD
BROKER-5000 4 GB
2 vCPU
100 GB HDD
BROKER-7000 8 GB
4 vCPU
200 GB HDD

Balance.

Quickly report on end user activity with usernames, not IP addresses.

  • about
  • reporting
  • quota management
  • datasheet
  • evaluation
 
 
 
 

About

The Balance series from Plenary Logic is a virtual machine that provides user focused reporting for next-generation firewalls. The IP address and username information that is discovered by Broker is used by Balance to provide detailed reports on end user activity, and to enforce dynamic bandwidth management on individual users.

Balance uses two tiers of information to generate the required detail of user activity. The first tier is Syslog information, which is used to identify URL activity, and the second is local information on the next-generation firewall.

This unique two-tiered approach ensures that you have the ability to,

  • Pinpoint end user activity instantly.
  • Fulfil duty-of-care obligations by identifying users accessing restricted material.
  • Identify individual users’ bandwidth and control bandwidth.

Balance has been specifically built for the education sector, and is capable of reporting on students, classes, year levels and the entire school. Similarly, Balance can report on the enterprise with employee, branch, region and organisation based reports. Balance integration is simple and requires very few touch points. Install the Balance virtual machine on your hypervisor and configure Balance to collect information from your next-generation firewall using its API.

Reporting

The reporting functionality of Balance provides administrators the ability to report on students and employees within seconds. Balance provides the ability to easily pin-point application, URL and category activity with a simple search function, and produce PDF reports that can be emailed to staff members.

The details within each report include accessed URLs with timestamps, bandwidth consumed by individual students, applications accessed and categories accessed.

The types of reports available are as follows,

  • Student and employee reports
  • Class and branch reports
  • Year level and region reports
  • School and organisation reports

The reports generated by Balance provide a ‘grade’ between 1 and 10 to individual students and employees, making it easy to identify individuals that access content that should be restricted, or you thought was restricted.

Quota Management

Providing visibility into URL activity is the first step to quickly acting on individuals that consume too much bandwidth. Balance is capable of monitoring a pre-set bandwidth quota, then dynamically adjusting the allocated bandwidth of an individual user if they breach the set limit.

Users can be identified as being in breach of bandwidth limits within 5 minutes, and their bandwidth is limited immediately after being detected.

A pre-defined period, such as a semester, a week or a month, is then used as the trigger to re-set the end users bandwidth restriction.

Datasheet

The Balance series of software appliances are supported on VMware ESXi and Microsoft Hyper-V virtualisation platforms.

Balance Series Resources
BALANCE-1000 1 GB
1 vCPU
20 GB HDD
BALANCE-3000 2 GB
1 vCPU
50 GB HDD
BALANCE-5000 4 GB
2 vCPU
100 GB HDD
BALANCE-7000 8 GB
4 vCPU
200 GB HDD

Bastion.

Stop users from masquerading through your network with dynamic user detection and policy enforcement.

  • about
  • Bastion Server™
  • Bastion Client™
  • datasheet
  • evaluation
 
 
 
 

About

The Bastion series from Plenary Logic provides secure bastion services that integrate with your next-generation firewall. The Bastion virtual appliance typically resides within a DMZ and provides third-party SSH access to various internal systems, for functions such as support of internal servers and systems.

Bastion is available as two solutions, which are as follows.

  • Bastion Server™, which is a hardened host designed for your DMZ.
  • Bastion Client™, which resides on servers or end user machines to prevent masquerading.

Bastion works by monitoring user logins, then associated source ports to users and updates the next-generation firewall product set via the XML API to permit or deny third-party access to systems. Ideal for environments that require secure third-party support, and for Linux operating systems where masquerading is possible.

Additional features of Bastion can be found in PDF format here.

Bastion Server™

The Bastion Server™ is a stand-alone, hardened virtual machine that is designed to associate source-ports to end users. Due to the nature of jump-hosts, where all users are sourced by the same source IP address, source ports need to be assigned to individual users and to be managed when users exit the system.

The Bastion Server™ dynamically detects user log in events, associates a source port range to each user, and provides the username and source port information to the next-generation firewall so that individual users can be identified by the next-generation firewall. This means that your next-generation firewall can now differentiate users by source port and therefore enforce the appropriate policy using user identity.

Bastion Client™

The Bastion Client™ has been developed for Linux based operating systems used by end-users, such as Apple OSX, and by servers using Linux. The Bastion Client is a root service that operates as a process and monitors login events on Linux based operating systems. When a login event is detected, a range of source ports are assigned to the user(s), and the next-generation firewall is informed, allowing you to detect and block masquerading users.

The Bastion Client™ is suitable for end user laptops/desktops, and servers.

Datasheet

The Bastion series of software appliances are supported on VMware ESXi and Microsoft Hyper-V virtualisation platforms.

Bastion Series Resources
BASTION-1000 1 GB
1 vCPU
20 GB HDD
BASTION-3000 2 GB
1 vCPU
50 GB HDD
BASTION-5000 4 GB
2 vCPU
100 GB HDD
BASTION-7000 8 GB
4 vCPU
200 GB HDD