Bradford Networks

Bradford Networks

Since 2005, Khipu Networks has been the most successful reseller of Bradford Networks’ technology worldwide and has now deployed and supported over 300 systems internationally. Khipu was also awarded Bradford Networks’ International Partner of the Year again in 2013 for its consistent success and ~99% customer retention performance.

Bradford Networks’ powerful and innovative security solutions are developed by a staff with years of expertise in network security and brought to market based on invaluable input received from customers. Since the company’s founding in 1999, hundreds of customers and millions of users have come to rely on its technology to secure critical IT assets and automate IT security operations.

Bradford Networks Products provides a number of benefits to your Critical Cyber Security Controls.

Network access control (NAC) continues to gain traction as a key element of network and data security. As more and more commercial and government thought leaders embrace the technology, many of the messages are strikingly familiar. The following is just one example.

If you go to the SANS website, you’ll see a link to 20 Critical Security Controls that SANS recommends to better protect commercial and government networks from cyber attacks. These best practice controls have been endorsed by a consortium of very security-conscious government institutions.

For what amounts to a mission statement for Bradford Networks, check out

Critical Control 1, Inventory of Authorized and Unauthorized Devices. The parallels begin with the summary description:

[callout1]“An accurate and up-to-date inventory, controlled by active monitoring and configuration management, can reduce the chance of attackers finding unauthorized and unprotected systems to exploit.”…[/callout1]

This is the same key insight that guided the engineering of our third-generation NAC technology. It gets even more interesting when you see the eight steps that SANS recommends for the implementation of Control #1,


Step 1, Quick Wins: “Deploy an automated asset inventory discovery tool and use it to build a preliminary asset inventory of systems connected to the enterprise network.”

Up to:  

Step 8, Advanced: “Network access control can be used to monitor authorized systems so that if attacks occur, the impact can be remediated by moving the un-trusted system to a virtual local area network that has minimal access.”

The SANS recommendations for Critical Control #1 correlate with the capabilities of Network Sentry from Bradford Networks. From detection and profiling of all devices trying to access the network to role-based access to resources and elimination of endpoint vulnerability, our NAC solution puts the SANS security goals into practice.

  • Using your established security policies and Bradford’s policy management features, you are able to automate enforcement to ensure policy compliance
  • Prevent unauthorized network access by identifying all users and their endpoint devices
  • Gain visibility and control
  • Enable role-based access to appropriate network resources
  • Dynamically enforce security policies
  • Ward off intruders and protect your network from security risks.

Network Infrastructure Visibility

Knowing the makeup of your constantly changing network, switches, routers, hubs, and wireless access points, is fundamental to making sure it is secure. Network Sentry provides a real-time view of your dynamic network infrastructure ensuring that you can detect and prevent any changes that would introduce risk.

Device Profiling and Fingerprinting

With the proliferation of personal and mobile computing devices in organizations, the diversity and the ownership of the devices is difficult to manage. Network Sentry helps to identify and classify each type of device on your network, identify if it is corporate issued or employee-owned, and identify the user on the device to enable role-based network access policies.

Endpoint Compliance

The average number of devices per user is on the rise. This phenomenon also increases the attack surface of your network. Ensuring the integrity of wired and wireless devices before they connect to your network minimizes the risk of vulnerabilities and the spread of exploits and malware. Network Sentry, with agentless, dissolvable agent, or a persistent agent, validates the endpoint’s configuration as it tries to join the network. If the configuration is not compliant (i.e. patch missing, outdated antivirus, jailbroken device) then connections can be prevented or users can be warned until the endpoints are remediated.

Network Provisioning

Segmenting a network and classifying data are two best practices for data protection. Network Sentry, with role-based access control policies, ensures the right users on the right devices gain access to the right set of network segments. Users on corporate issued devices, because they are centrally managed by IT, may have more access on corporate issued devices than personally owned devices.

Guest Management and Self-Registration

Managing the onboarding of guests and employee laptops, tablets, and smartphones to your network, can be a labor intensive and error-prone task. Network Sentry simplifies onboarding by streamlining registration processes. Onboarding of guests can be delegated to deputy onboarding administrators and, when appropriate, users can self-register their own devices shifting the workload from IT to the end users.


Configuring an endpoint such as a laptop, tablet, or smartphone, for wireless access can be a challenging task. Even with will documented steps for end users, the process can be error prone frustrating the end-user and the staff that take the support calls. Network Sentry’s EasyConnect feature allows organizations to immediately and securely connect personal or corporate issued wireless devices to your network. EasyConnect automatically sets device security configurations, encryption type and other critical security settings on the user’s device, automating the onboarding process and removing the challenge.

With solutions that dynamically adapt to changing network conditions and continually combat network threats, Bradford addresses the security needs of a wide variety of organisations in markets including education, financial services, state and local government, healthcare, energy, retail and many others. Bradford’s innovative, award-winning products and solutions are widely recognised by industry analysts including Forrester and Gartner, as well as leading publications including SC Magazine, CRN, and others. Bradford Networks is headquartered in Cambridge, MA and is privately held.

For more information on Bradford Networks, please contact the Khipu sales team on 0345 272 0900 or click here