- Protecting yourself from a new online scam
- Diary of a deliberately spammed housewife
- Silly Internet traditions: A concise history
- How to avoid laptop loss at the airport
- Top 10 worst uses for Windows
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Enterasys is issuing a new version of its NetSight management suite that lets its NAC system set policies for unmanaged devices such as guest laptops.
With NetSight 3.0, the company’s NAC Manager software now supports MAC-address registration tied to user identity as a criterion for applying policy.
This lets enterprises divert the laptop of a guest or consultant who is trying to log into the network to a Web portal, where the user would be queried for information that can be paired with the MAC address of the machine.
A guest might be granted just Internet access if the MAC address is unknown or the user ID is unknown. Alternatively, the device might be allowed onto a restricted VLAN if a trusted sponsor -- an authorized company employee -- enters a valid user name and password.
Vendors such as Bradford Networks and Great Bay Software have means to use MAC addresses to apply NAC policies to unmanaged devices that may include printers and IP phones.
This option is primarily for guests, contractors and other people who use computers not issued by the corporation, and allows known, validated employees to vouch for visitors.
Enterasys also is introducing Assisted Remediation Server, which automatically refers machines that fail NAC preadmission scans to a server where they can be patched to address whatever shortcomings the scans reveal.
A device that fails the initial scans is sent to a Web portal, which displays what steps the user should take to remediate the problem. Before, Enterasys did not have a remediation mechanism.
In addition, Enterasys now supports postadmission NAC by blending features of its new Automated Security Manager with its NAC Manager platform. Postadmission NAC monitors devices that have been admitted to the network and can restrict their activity if they violate behavior policies.
So when Automated Security Manager is notified by intrusion-detection systems of behavior that violates such policies, it passes details of the violation along to NAC Manager. In turn, NAC Manager enforces policies to address the unauthorized behavior. The device can be quarantined until the unauthorized behavior is shut down.
For example, if a workstation starts serving FTP files, it could be quarantined and the user directed to shut down the FTP server in order to be readmitted to the network.
The Diane's of the industry should be acknowledged for their understanding of why products fail when...- Anon
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Comment