Security: Network Access ControlThis newsletter is sponsored by Sterling CommerceNetwork World's Security: Network Access Control Newsletter, 10/25/07Lockdown Networks tunes up Enforcer NACBy Tim GreeneLockdown Networks is tuning up its Enforcer NAC appliance so it doesn’t bog down network access during emergencies, when traffic might be greater than usual. Under normal circumstances the device can take on 30 pre-connect assessments per minute, each scan taking 10 to 15 seconds. But during an emergency, when more workers than usual are trying to connect to the network and require NAC scans, the volume of these scans can be reduced. New software for the devices allows suspending use of NAC. So if the bulk of users start accessing the network from home during a disaster rather than coming into the office, NAC rules can be changed so the appliance is not overwhelmed and does not become a barrier to getting on the network during an emergency.
In this disaster recovery mode, a secondary policy would kick in such admitting devices without scanning them if they have already passed endpoint checks within the past 24 hours. That is a less tight way of making sure that only compliant machines get on the network, but it may be a good short-term tradeoff to lost productivity because people are locked out. The company is also introducing a new enforcement mode for its gear that uses RADIUS communications protocols to talk to switches. Until now the devices enforced NAC by controlling standard switches via SNMP and command-line instructions. This enables the Lockdown appliance to enforce policies per port. Lockdown says leveraging RADIUS protocols means less overhead than using SNMP.
|
Contact the author: Tim Greene is a senior editor at Network World, covering network access control, virtual private networking gear, remote access, WAN acceleration and aspects of VoIP technology. You can reach him at tgreene@nww.com. This newsletter is sponsored by Sterling CommerceARCHIVEArchive of the Security: Network Access Control Newsletter. BONUS FEATUREIT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE International subscribers, click here. SUBSCRIPTION SERVICESTo subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: security.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007 |
No comments:
Post a Comment