Clarifying issues surrounding this emerging security architecture
Recently McAfee announced it was adding hardware enforcement to its NAC offerings by adding NAC software to its IPS appliance.
Previously, the company enforced NAC policies via its software agent placed on managed endpoints that supported a McAfee NAC agent.
The IPS-based enforcement allows NAC policies to be imposed on unmanaged devices on networks, such as guest and contractor laptops that don’t carry the McAfee NAC agent software.
Since the announcement, it was reported in a blog by NAC vendor Napera that McAfee has bought up the assets of defunct NAC vendor Lockdown Networks. There was speculation in that blog that McAfee’s IPS-based NAC enforcement was based on Lockdown technologies.
Well it’s not, according to McAfee. The IPS enforcement is home grown.
So what is McAfee doing with all that Lockdown intellectual property?
“The development team is leveraging it but it has not yet been included in any McAfee products,” a spokeswoman says.
Is there a plan to include the technology in McAfee products?
“They won’t disclose at this time, but it’s possible,” the spokeswoman says.
Well of course they’re going to incorporate it. Lockdown had an appliance that could enforce NAC policies on switches via SNMP. That is a preferred method for enforcing NAC because it is closer to the endpoint itself and doesn’t require proliferation of IPS devices.
Beyond that, McAfee said when it announced its IPS enforcement that early next year it would introduce a NAC-only appliance. Chances are it will be based on the Lockdown gear.
Tim Greene is senior editor at Network World.