- Bank Web sites full of security holes
- SCO Group: Its future is all used up
- Maligned feature being added to IPv6
- I returned my iPhone 3G after six days!
- VPNs: Six burning questions
News | Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Enterasys is upgrading the software on its Sentinel NAC appliance so it can be dropped into any network with managed switches, not just Enterasys networks.
Before, the device could enforce NAC policies via Enterasys switches only, but with the upgrade the device can use two different standards-based methods for enforcing policies through switches made by other vendors.
The Sentinel appliance can send SNMP commands to switches to shut off switch ports being used by devices that fail to comply with mandated security postures set up by network administrators. The appliance can also use the 802.1Q VLAN standard to allow access for a non-compliant device, but only to a quarantine VLAN.
With the same upgrade, Enterasys is integrating Sentinel with its Dragon intrusion prevention gear. The combination provides pre-admission NAC and post-admission NAC. The former keeps devices that lack the appropriate security posture off the network. The latter drops access for devices that had been admitted but whose behavior on the network indicates it may pose a threat.
The combination of technologies fills significant gaps. With just pre-admission checking, NAC can tell whether a device has certain security features active and updated, but not whether the device is actually infected with something that could be dangerous to the network. It decreases the likelihood that it is infected, but doesn’t guarantee it.
Post-admission monitoring looks for signatures of known malware on the network as well as behavior by devices that may indicate they are behaving insecurely.
Customers who never would have considered Enterasys for NAC because they don’t use Enterasys switches now have it as an option.
Rss FeedRss Feed
If the IT manager is knowledgeable regarding Cisco technology, he would have 2 options. Option 1 - Consult...- Anonymous
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comment