Does this require new switches?

No, if your switches support 802.1X (most enterprise-grade do). We assess during week 1.

How does it handle BYOD?

Self-service onboarding via guest portal: user authenticates, device is profiled, policy is applied. Personal devices go to a separate VLAN with internet-only access (configurable).

What about IoT devices that can't do 802.1X?

MAC Authentication Bypass (MAB) with profiling. Each device class is fingerprinted and policy-mapped automatically.

Will it lock out our executives during deployment?

Monitor-only mode runs for 2-3 weeks before enforcement. Phased enforcement by VLAN means no big-bang cutover.

Does this integrate with Microsoft Intune / Entra ID?

Yes. Device-compliance state from Intune feeds into NAC policy, so non-compliant devices land in a remediation VLAN.

CGX is more cost-effective for SMB/Mid-Market with simpler policy. ISE is the choice for Cisco-centric Enterprise environments. We quote both.

What about wireless guest access?

Self-service guest portal with SMS/email verification is included.

Can we co-manage policy?

Yes. Read access standard, change-control via nCrypt SLA, with emergency-override for your IT team.

Hardware-as-a-Service · 36-month bundle

Network Access Control, leased and managed. From RM1,800/month.

InfoExpress CGX — every device authenticated, every connection profiled, every guest contained. BYOD-ready and RMiT-aligned.

Calculate your bundle Talk to sales

What's included in the bundle

NAC appliance (CGX or ISE), HA pair on Mid-Market+

802.1X policy design and RADIUS integration

Device profiling library (IoT fingerprints)

Guest portal with self-service onboarding

Quarterly policy reviews

Hardware refresh at month 30

Who this is for

✓BYOD-heavy organisations needing device-level visibility
✓Healthcare networks segmenting medical devices
✓Manufacturing isolating OT from IT
✓Compliance-driven enterprises (RMiT, ISO 27001)

Deployment timeline

Week 1

Network discovery, RADIUS planning, switch/AP integration design

Week 2-3

Appliance install, monitor-only enforcement, profiling library tuning

Week 4-5

Phased 802.1X enforcement by VLAN

Ongoing

Monthly policy tuning, quarterly reviews

Sample bundles by company size

SMB

RM 1,800 – 3,000 / month

Single appliance, 100-300 endpoints, single site

MidMarket

RM 3,000 – 7,500 / month

HA pair, 500-2,000 endpoints, multi-site

Enterprise

RM 7,500 – 20,000+ / month

Multi-DC, 5,000+ endpoints, IoT segmentation, full guest portal

Aligned to your regulatory obligations

BNM RMiTISO 27001PCI DSS Req 1.2 / 1.3NIST 800-53

Frequently asked questions

Need a one-off engagement instead of a leased bundle?

See our consulting service →

Ready to size NAC for your environment?

Three minutes in the calculator. A precise quote emailed within 24 hours.

Calculate my bundle Talk to sales

Financing available via our partner financial institutions. Indicative monthly figures based on standard 36-month terms; final pricing subject to credit assessment and signed master service agreement.

Ready to size NAC for your environment?

Three minutes in the calculator. A precise quote emailed within 24 hours.