- BlackBerry Storm vs. the iPhone
- Digg's Kevin Rose: "We have to do better"
- Blogger warns: "Nortel doesn't make it out alive"
- Financial quagmire bringing out the scammers
- Verizon plays with the wrong e-mail addresses
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
Check Point Software is announcing a supplemental NAC architecture this week that integrates its deep-inspection firewalls with Intel-based network interface cards to block rogue behavior.
The latest version of Check Point’s VPN-1 NGX software enables postadmission NAC by finding traffic that violates security policies and shutting it down at the NIC of the machine generating it.
This requires NICs in desktops based on Intel’s vPro technology, which contains programmable hardware filters to block traffic.
Check Point already had a means to block malicious traffic at the desktop via its Integrity client software, which includes a firewall that can block traffic based on set policies. The software also scans desktops and laptops for security posture, and that information can be used to allow or deny network access.
Adding access controls via firewalls and NICs gives customers an additional option for deploying admission security. For example, a company that upgrades its PCs routinely might acquire the Intel hardware needed to execute admission policies. HP and Gateway have announced desktops employing vPro technology.
Customers could use the NICs to enforce NAC policies without deploying the Integrity client, a time-consuming task to take on, because it includes not only installation and configuration but ongoing maintenance.
The new Check Point software release supports cooperative enforcement between its VPN-1 firewalls and the NICs. To enable the enforcement, customers must write scripts that instruct the NICs what traffic to block or divert to quarantine VLANs. Check Point says that in later releases, the script writing will be masked behind a graphical user interface that will make it simpler to configure NAC policies for the NICs to enforce.
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment