NetClarity reveals mystery method of blocking suspicious traffic

Clarifying issues surrounding this emerging security architecture

NetClarity sells NAC gear that until now blocked suspicious traffic in a mysterious way that somehow involved switches in the network, but all the company would say about it was: Patent pending.

Now the patent has been issued and the company is talking about how its gear talks to switches, via common line SSH or TELNET instructions to the switch.

This means that customers can enforce NAC policies using whatever switches they have in their networks. This is one of the issues businesses have when considering NAC. They don’t want to do the proverbial fork-lift upgrade in order to gain the benefits of NAC.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

NetClarity sells NAC gear that until now blocked suspicious traffic in a mysterious way that somehow involved switches in the network, but all the company would say about it was: Patent pending.

Now the patent has been issued and the company is talking about how its gear talks to switches, via common line SSH or TELNET instructions to the switch.

This means that customers can enforce NAC policies using whatever switches they have in their networks. This is one of the issues businesses have when considering NAC. They don’t want to do the proverbial fork-lift upgrade in order to gain the benefits of NAC.

The company claims that this means installing its equipment can be a tenth or less the cost of some competitive NAC options.

The downside is there are a lot of switch models out there each with its own interfaces, so that depending on the switch, NetClarity might or might not have it baked into its NAC gear.

The company acknowledges this potential drawback and says it plans a plug-in builder for customers to write directions for their own particular switches. If customer-written plug-ins pass quality testing by NetClarity, they may then be submitted to a plug-in library free to other customers. Over time, this could eliminate the need for the plug-in writer.

The company also has plans to expand the enforcement options available when its equipment detects traffic that violates policies. Rather than just either block it or allow it, the equipment will be able to quarantine suspicious traffic as well.

Read more about security in Network World's Security section.

Tim Greene is senior editor at Network World.