Security: Network Access ControlNetwork World's Security: Network Access Control Newsletter, 09/20/07Upgrades give Enterasys a more fully featured NAC portfolioBy Tim GreeneEnterasys is upgrading its NetSight management suite and it includes upgrades for its NAC system. First the company’s NAC Manager software now supports MAC address registration tied to user identity as a criterion for applying policy. So a device logging in to the network would be diverted to a Web portal where the user would be queried for information that would be paired with the MAC address of the machine. A guest might be granted Internet access if the MAC address is unknown or the user ID is unknown. But the device might also be allowed onto a restricted VLAN if a trusted sponsor enters a valid user name and password.
This option is primarily for guests, contractors and others who use computers not issued by the corporation. It allows known, validated employees to vouch for visitors. Enterasys is introducing Assisted Remediation Server that automatically refers machines that fail NAC pre-admission scans to a server where the can patch up whatever shortcomings the scans reveal. The device is sent to a Web portal that displays what steps the user should take to remediate the problem that is keeping them from being authenticated. Before, Enterasys did not have a remediation mechanism. Enterasys supports post-admission NAC by blending features of its new Automated Security Manager with its NAC Manager platform. When Automated Security Manager is notified by intrusion detection systems of behavior that violates policies it passes details of the violation along to NAC Manager. In turn, NAC Manager enforces policies to address the unauthorized behavior. The device can be quarantined until the unauthorized behavior is shut down. So for example, if a workstation starts serving FTP files, it could be quarantined and the user notified they need to shut down the FTP server in order to be readmitted to the network. The upgrades represent a more fully featured NAC portfolio for Enterasys that warrant a look.
|
Contact the author: Tim Greene is a senior editor at Network World, covering network access control, virtual private networking gear, remote access, WAN acceleration and aspects of VoIP technology. You can reach him at tgreene@nww.com. ARCHIVEArchive of the Security: Network Access Control Newsletter. BONUS FEATUREIT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE International subscribers, click here. SUBSCRIPTION SERVICESTo subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007 |
No comments:
Post a Comment