IPScan is an Ethernet/IP resource management and network security solution that enables IT managers to automate the Ethernet/IP resource management process. IPScan controls network access of any device that uses IP addresses. Utilizing a powerful blocking technology, IPScan ensures that unknown and unauthorized Ethernet and IP addresses are prevented from accessing the network. By deploying IPScan into your network, you can centrally manage distributed Ethernet and IP address resources more safely, effectively and efficiently.

IPScan is a network-based solution, which eliminates PC clients softwarel. End user involvement is not required for installation and use of this powerful IP address security and management tool. Only one IPScan Server is required for an entire internal and external network, managing all collected IP/Mac address information. In addition, the IPScan Console can be installed to manage multiple networks. Policies for IP address blocking, MAC address blocking, time-based access control, IP address conflict prevention,and IP address change control, are easily setup through the centralized IPScan Console interface.

According to Forrester Research, most network and system administrators today utilize a manual system to manage an ever-increasing number of IP addresses. This means that address allocation is largely out of IT's control. Even when dynamic addressing via DHCP has been implemented, typically 20% of organizations IP addresses are still assigned statically and tracked manually.

Most organizations spend lavishly to secure their network against external threats such as hackers, worms and viruses, yet do very little to secure against internal security breaches. However, according to the CSI/FBI Survey of Computer Crime and Security, 68% of surveyed organizations have suffered at least one highly costly internal security breach, if not more. One of the most significant holes in internal network security is the lack of comprehensive network access controls. IPScan provides comprehensive protection against unauthorized access to the network, for all Ethernet and IP devices, providing a critical front-line of defense against unauthorized communication and access to proprietary or sensitive information. IPScan allows network managers to centrally define and update globally enforced access control policies so that only authorized Ethernet and IP addresses (static or dynamic) and hostnames in defined combinations, may communicate at the IP layer on the network.

Rather than relying on DHCP servers alone, IPScan utilizes a system of distributed, transparent probes that are colocated with Ethernet switches across the network. These probes detect all IP devices, including both DHCP and static addresses, and based on centrally defined policy, can automatically block any unauthorized device from communicating on the network.

IPScan is the only solution that provides network-wide, global coverage of Ethernet and IP access control and address management in an automated fashion. Since IPScan automatically detects addresses, network documentation is completely automated and accurate, dramatically increasing productivity, accuracy and confidence in operating the network. Only IPScan can manage access for Ethernet addresses, static and DHCP IP addresses and hostnames in any combination to ensure compliance, security, network availability and operational efficiency.

IPScan provides an automated and centrally managed platform for network access control policy definition, propagation and enforcement. IPScan also records a history of every device’s access to the network, to provide solid documentation of the control processes for compliance purposes. Without IPScan, a breach of data privacy could be easily shown to be the result of poor control processes on fundamental network access, which may result in stiff fines and penalties.

No. There is no difference in how a user accesses the network, since IPScan is completely transparent to users. Only if a user has an unauthorized Ethernet or IP address or hostname will access be blocked.

IPScan is primarily installed in companies with at least 500 network users, as these sites tend to have a large number of IP/MAC addresses and experience the greatest challenge in address management. These installed users are companies located in Asia Pacific, Europe, Middle East, Africa, Latino America and North America.

Hundreds of organizations around the world have deployed IPScan. Please see the customer list under the Solutions section of this website.

IPScan is composed of a central IPScan Server and distributed IPScan Probes.
IPScan Probes are installed in each remote site or segment in order to provide real-time monitoring, alerting and policy enforcement. The IPScan Server is installed centrally and the entire systems is managed via the administrative IPScan Console software.

No, you do not have to install IPScan Probe in every PC in the system.
IPScan is network-based, with distributed IPScan Probes installed in each remote location or segment to monitor users within the area.

IPScan provides various typblocking options.
IP Address Blocking: blocks the network access of selected IP address(es).
MAC Blocking: Blocks the network access of selected MAC address(es).
Add MAC to be Blocked: Registers a known MAC address to be blocked from the network access if the MAC attempts to connect to the network.
Fixed MAC: Matches a MAC address with an IP address. If the MAC address attempts to access the network using another IP address, access is denied.
Fixed IP: Matches an IP address with a MAC address. If the IP address attempts to access the network with a different MAC address, the access is denied.
*TCP Blocking: blocks all TCP sessions of selected IP address(es) (*only supported by IPScan Probe software)
**Secure Mode: blocks the network access of any unauthorized MAC address that attempts to connect to the network (**supported from version 2.1.0 or higer)

ViaScope recommends that at the very least, all critical network devices such as servers, routers, switches, telephony gateways, etc. be defined in the IPScan system with both "Fixed IP" and "Fixed MAC" options. In this case, if another device enters the network with the same IP address as one of the critical devices, it will be considered an unauthorized user and will be blocked from the network, effectively preventing any address conflict situation.

If a device enters the network with an address that conflicts with another device, yet neither have been defined as having a fixed ip or fixed MAC, then both devices will be down, but IPScan will send a real-time alert about the address conflict to the administrative console.

Yes, IPScan stores events and change history into files, so you can search and view what had happened in the past. Searched data can be printed out using the pre-configured report formats provided
by IPScan or you can save the files into Html, Csv or Text format.

There is no limit as to the number of IP address managed by IPScan as long as the hardware
where IPScan Server is installed satisfies the requirement.

Yes, you can authorize up to 10 MAC address for an IP address, which allows support for servers that required multiple MAC addresses.

When you purchase the IPScan solution, it includes IPScan Server and IPScan Probe software.
The license fee is based on the number of users in the network, not the number of probes to be installed in the network.
However, ViaScope also offers IPScan Probe hardware, which delivers IPScan Probe software on an embedded appliance platform, for easier deployment and enhanced performance.