Anti-virus software rivals McAfee and Symantec are going toe-to-toe again, with both unveiling network-access control products at the RSA Conference last week.
Expected to ship in mid-March, McAfee's Policy Enforcer 1.0 will include Windows-based desktop client software to let customers enforce endpoint security by having the Windows-based Policy Enforcer server check for updated patches, anti-virus, firewall and unauthorized applications before allowing a user onto the network. The server component also will be available as a software module that can run in McAfee's management console, ePolicy Orchestrator.
The goal is not just to enforce patch and anti-virus updates, says Eric Winsborrow, McAfee vice president of product marketing. "We're also going to be able to check for the existence of infections like Sasser or Zotob or botnets before allowing the machine onto the network."
"We need to have a better control over the assets in our network," says Andre Gold, director of information security at Continental Airlines in Houston. The firm is beta-testing McAfee's Policy Enforcer, with the prospect that it may be rolled out in the organization later this year as a way to better prevent virus and worm infestations.
If a desktop doesn't pass inspection, Policy Enforcer will quarantine it to facilitate a remediation process so that the user can meet the security policy and gain admittance to the network. McAfee's product also will include a Windows-based scanner to perform network discovery and determine what devices are coming onto the network.
Symantec is targeting the same segment with its Symantec Network Access Control Enforcer appliance, a hardware-based version of the Sygate Enterprise Protection software product it received through the acquisition of Sygate Technologies last year.
The appliance, expected to ship in April, will include a desktop software agent for Windows-based computers that will perform a wide variety of host-integrity checks, says Jon Brody, senior director of product management.
The Symantec Network Access Control Enforcer appliance will check for anti-virus and ensure that required software patches are installed.
Whether deployed on a LAN segment or behind the VPN gateway, it also will be able to scan machines that may not have the host-based agent on them. "It will be able to download an on-demand agent to a visiting machine to scan it in a host-integrity check," says CJ Desai, Symantec's director of product management.
McAfee and Symantec each have their own approach to network-access control, but the question arises of how their products may fit into the Cisco and Microsoft technical frameworks. Cisco's Network Admission Control (NAC) relies on Cisco switches and routers as the policy-enforcement point. Microsoft's Network Access Protection (NAP) is in beta with the Vista operating system.
Symantec and McAfee say their products do support Cisco's NAC and they intend to support Microsoft NAP as the beta-testing program for it concludes, probably later this fall. Both also say they will back the emerging open network-access control specification called Trusted Network Connect from the Trusted Computing Group.