Modern networks are experiencing an explosion of wired or wireless connection endpoints; Each additional network access endpoint increases the risk of being attacked, giving attackers the opportunity to gain further access to network and enterprise resources. To limit this risk, the security status of the endpoint must be monitored at all times. In addition, users must be given only the minimum permissions required to perform their role.

Network access is critical to almost every role within an enterprise; However, this need must be balanced against the risks it poses. The key goal of enterprise informatization is to provide secure but controlled network access so that the right people get the right access at the right time without sacrificing security.

Microshield's WSA solution provides complete visibility and network access control (NAC) for all local or remote endpoints. Its high-performance design helps small and large organizations easily perform endpoint security verification and authorization, while an intuitive user interface makes it easy to manage and customizable reports.

WSA protects your network with a strong network strategy based on Zero Trust security principles while being prepared to support BYOD scenarios, IoT devices, and edge computing. The WSA intelligent access platform uses a self-developed high-performance RADIUS engine to provide network security access functions based on user identity and flexible policy control through local databases or data sources such as AD, LDAP, REDIS, and external databases.

WSA can connect with network devices from mainstream vendors such as Aruba, Cisco, Fortinet, Juniper, HUAWEI, and H3C, and provides flexible authentication methods such as SMS, email, QR code, WeCom, and TOTP.

WSA Key Features

• INTUITIVE AND FLEXIBLE POLICY CONFIGURATION (AUTHENTICATION POLICY/AUTHORIZATION POLICY/PORTAL POLICY)
• Support multiple authentication sources, and match different authentication sources according to conditions
• Provide self-service, support self-service certificate application and download, and support TOTP updates
• Support multiple authentication methods combination, support SMS/MAIL/TOTP multi-factor authentication
• SUPPORTS MAINSTREAM SMS GATEWAYS (ALIBABA/TENCENT/HUAWEI CLOUD/SUBMAIL/SEVERAL METERS) AND SUPPORTS THE EXPANSION OF SMS GATEWAYS ON OTHER PLATFORMS
• RESTful API interface to support third-party platforms to write user information
• Visual troubleshooting tools ( procedure tracing/real-time message capture)

Standards & Protocol Support

• RADIUS/RADIUS CoA/Web Authentication/PORTAL V2.0
• PAP/CHAP/ EAP-MD5/ EAP-PEAP-MSCHAPv2/EAP-TLS
• 802.1X-2010, 802.1X-2020
• Windows Kerberos
• SMB V2/V3/V4
• OCSP/CRL
• SYSLOG（RFC3164/RFC5424）

支持 PORTAL 认证方式 PORTAL

• Triple MAC authentication
• SMS verification code authentication
• Visitor application + internal employee SMS authorization code authorization
• Visitor application + internal employee email authorization code authorization
• Visitor application + direct authorization from internal staff email
• Visitor application + employee WeCom authorization
• Username and password authentication
• Username + TOTP authentication
• Username and password + SMS two-factor authentication
• Username and password + email two-factor authentication
• Username and password + TOTP two-factor authentication