You can always tell something big is brewing that will shape our lives in security when the vendor market gets crowded with solutions before standards have been shaped. These 20 companies are giving Cisco Systems and Microsoft a run for their money by bringing network access control (NAC) products to market. The crowded market, coupled with gorillas like Cisco and Microsoft promoting propriatary solutions is likely to really confuse the client base. My take is that it is the solutions providers and integrators that build solid and scalable deployment methodologies around the technologies that will shape which products emerge as the ultimate winners.
Check Point Software Technologies : Total Access Protection platform weaves NAC functionality into Check Point's Integrity line of endpoint security productsFeatures: Continually scans for policy compliance, also handles self-enforcement of infringing devices and automatically remediates them.
Consentry Networks : LANShield Switch and LANShield Controller Features: Enables companies to deploy NAC on existing network infrastructure. Switch inspects packets at speeds up to 10 gigabits per second and includes Layer 7 visibility, user access and threat control, and policy-setting features. Also supports access control solutions from Cisco, Microsoft and Check Point.
Elemental Security : Elemental Security Platform Features: Provides NAC functionality along with policy and configuration management, and includes a security policy editor that can be configured to restrict access to the server to authorized endpoints and to deal with the threat of unmanaged devices.
Enterasys : Sentinel, Trusted Access Gateway appliance and Access Manager softwareFeatures: Part of Enterasys' Secure Networks portfolio, Sentinel prevents infected or unauthorized devices from gaining access to a company's network and works without deploying agents on clients, enabling it to screen both corporate and guest devices. Appliance monitors health of devices trying to get on the network, management software is used for configuring and monitoring the gateway.
Hewlett-Packard ProCurve : ProCurve Access Control Security SolutionFeatures: Focuses on NAC at the LAN edge, using switches and software to handle NAC functions such as access, authentication and tracking. This approach speeds the decision making process and also blocks malicious traffic from the corporate network.
Infoblox : Infoblox appliances, ID Aware DHCP ToolkitFeatures: Uses Dynamic Host Configuration Protocol (DHCP) to enable identity-based control over IP address assignment, which allows companies to deploy NAC on existing network infrastructure. Solution is based on various policies that can be set from the Infoblox appliances.
InfoExpress : Dynamic NAC Features: Simplifies deployment of NAC by using software installed on network PCs to ensure compliance with corporate security policies. Creates groups of 'enforcers' that scan the network, search for unauthorized endpoints, and immediately quarantine and remediate.
Insightix : Insightix NAC Features: Proprietary Dynamic Infrastructure Discovery (DID) technology ensures that only authorized devices can access the network and doesn't require deployment of software agents or specialized hardware. Enforces NAC policies on Layer 2 of the network to block unauthorized devices from connecting.
Juniper Networks : Infranet Controller 4000 and 6000 appliances; Infranet Agent Features: Juniper's Unified Access Control architecture combines identity-based policy and endpoint intelligence to perform host check, and provides optional authenticated and encrypted transport to NAC enforcement gateways.
Lockdown Networks : Lockdown Enforcer (all-in-one NAC appliance), Lockdown Sentry (NAC appliance for remote offices)Features: Works with existing infrastructure to ensure that potentially infected or otherwise unsafe devices do not get onto networks. Supports 802.1x as well as authentication for non-802.1x compliant devices; integrates with Active Directory, Novell, and LDAP for user based policy enforcement.
McAfee : McAfee NAC Features: McAfee's NAC Policy Enforcer, a module controlled through ePolicy Orchestrator management tool, allows administrators to set security and policy controls through a centralized console.
Meetinghouse Networks : Endpoint Security Management solution Features: Identity-based NAC approach that can simultaneously enforce security policy, monitor health of devices seeking access to the network, and block unauthorized access to the network.
Mirage Networks : Mirage NAC appliances and management softwareFeatures: Infrastructure-independent NAC solution that doesn't require deep switch integration for containment or mitigation of infected PCs. Technology uses set of rules to detect potentially threatening behavior and sends infected devices to a quarantine server for remediation.
Nevis Networks : LANenforcer appliance, LANsight management software Features: Identity-based approach that uses policy-based rules determine access to network, as well as a stateful firewall to handle NAC enforcement.
Nortel Networks : Secure Network Access SolutionFeatures: Clientless solution that continuously scans network endpoints and handles enforcement for corporate security policies. Deploys out of line in order to minimize impact on network performance.
Senforce Technologies : Senforce NACFeatures: Provides agent-free testing with no code or ActiveX controls installed, to facilitate support, enhance scalability, and speed deployments. Also includes agent-based endpoint testing through a downloadable persistent client, as well as an ActiveX plugin that tests endpoints using a Web browser.
StillSecure : Safe Access Features: Provides agent-less, ActiveX, and agent-based endpoint testing methods, and a range of policy enforcement methods based on DHCP (network-based and endpoint-based), in-line, Cisco NAC, and 802.1x.
Symantec : Network Access Control Enforcer Features: Preconfigured appliance-based solution that uses technology from Symantec's 2005 acquisition of NAC startup Sygate. Symantec is in the process of integrating technology from its 2005 acquisition of Whole Security, a startup specializing in behavior-based security and anti-phishing products.
Vernier Networks : EdgeWall 8800 applianceFeatures: Performs NAC functions at 40 gigabits per second. Continually inspects traffic at layers 4 through 7 to ensure that endpoints are in compliance. Quarantines and remediates infected devices and can associate traffic with individual users.
CATEGORIES : 1nac, 1endpointsecurity