Infoblox last week added an application to its product portfolio that will help IT managers scan and approve devices before letting the machines access their networks.

Infoblox Authenticated DHCP is an add-on application for the company's DNSone module that runs on Infoblox appliances. The rack-mounted appliances are installed near DNS and DHCP servers in customer data centers and process queries for DNS, DHCP, RADIUS and Lightweight Directory Access Protocol.

The new software will equip the appliances with capabilities that could deny network access to unauthenticated devices and protect the network from potentially infected machines. Authenticated DHCP will quarantine desktops, laptops and other devices before authenticating the machines and granting or denying them network access, Infoblox says.

Chris DeWitt, network administrator assistant at Oakwood College in Huntsville, Ala., plans to use the application to ensure some 500 desktops and laptops don't threaten the network when students start logging on at the beginning of the semester. He has been using Infoblox appliances for one year to manage DNS and DHCP servers, and has tested the new software with intentions to roll it out in the coming weeks on the school's production network. DeWitt started using Infoblox when the college decided to move away from Microsoft DNS and DHCP servers because of viruses associated with the operating system. He looked into NetReg, a free DHCP registration system, but says he had a difficult time getting it up and running.

According to DeWitt, Authenticated DHCP can potentially prevent machines from gaining network access without reconfiguring his network or buying more equipment. But he would like to see more security features going forward.

"Right now I can see it helping us track the student PCs because it has a one-to-one relationship with the IP and [media access control] addresses on the student machines," he says. "I'd like to be able to scan student machines for vulnerabilities and open ports in future releases."

The Infoblox products will compete primarily against Microsoft's Network Access Protection (NAP), which Microsoft is still developing, and the open source BIND application running on general-purpose servers. Other competitors include NetReg, SafeDHCP from MetaInfo and Lucent's VitalQIP.