Smart Network Access Decisions, Zero Manual Work
Define who gets on your network, what they can access, and when — all from a visual policy builder. No scripting required.
Policy-Driven Access Control
Six capabilities that automate network access decisions
Visual Policy Builder
Drag-and-drop IF/THEN rules for network access decisions. Build complex policies without writing a single line of code or learning a scripting language.
- IF/THEN rule builder
- Drag-and-drop interface
- Nested condition groups
- Real-time syntax validation
Device Posture Checks
Verify encryption status, OS version, and antivirus presence before granting access. Non-compliant devices get quarantined or redirected automatically.
- Disk encryption verification
- OS version requirements
- Antivirus & firewall checks
- Jailbreak/root detection
Dynamic VLAN Assignment
Route users to the right network segment automatically based on their role, device type, or compliance status. No manual switch configuration needed.
- Role-based segmentation
- Device-type routing
- Guest vs. employee isolation
- Automatic fallback VLANs
Compliance Templates
Pre-built policy sets for HIPAA, PCI-DSS, FERPA, and SOC 2 that you can deploy with one click and customize to match your exact requirements.
- HIPAA network isolation
- PCI-DSS segmentation
- FERPA student data protection
- SOC 2 access logging
Policy Simulation
Test what would happen if a specific user connected right now. Simulate authentication requests against your policies before deploying changes to production.
- What-if scenario testing
- Pre-deploy validation
- User-specific simulation
- Policy conflict detection
Audit Trail
Full version history for every policy change with side-by-side diffs. See who changed what and when, and roll back to any previous version with one click.
- Version history for all policies
- Side-by-side diff view
- One-click rollback
- Change attribution & timestamps
How Policies Work
Define conditions on the left, assign actions on the right
Define Conditions
- User Groups — Active Directory, LDAP, or local groups
- Device Type — Corporate laptop, personal phone, IoT sensor
- Time of Day — Business hours, weekends, maintenance windows
- Location — Building, floor, access point, or SSID
- Compliance Status — Encryption on, OS patched, AV running
Automatic Actions
- VLAN Assignment — Route to the correct network segment
- Bandwidth Limits — Throttle by role, device, or time
- MFA Triggers — Require step-up authentication
- Deny with Reason — Block access and show why
- SIEM Logging — Forward events to Splunk, Sentinel, or syslog
Works With Your Existing Setup
Policies evaluate on every RADIUS authentication. No agent installation, no network changes. If your access points already talk to a RADIUS server, conditional access works out of the box.
Frequently Asked Questions
What is a conditional access policy engine?
It's a rules engine that makes real-time decisions about network access based on who's connecting, what device they're using, and whether they meet your security requirements.
Do you have pre-built compliance templates?
Yes. We ship templates for HIPAA, PCI-DSS, FERPA, and SOC 2 that you can deploy with one click and customize to your needs.
Will this affect my existing WiFi setup?
No. Policies evaluate during RADIUS authentication, so they work with your current infrastructure. No agents to install, no network reconfiguration needed.
How steep is the learning curve?
The visual builder is designed for IT admins, not developers. Most customers have their first policy running within 30 minutes.
Ready to Automate Network Access Decisions?
Start a 14-day free trial. Build your first conditional access policy in under 30 minutes.