Recently a reader e-mailed to say that the Web site for former NAC vendor Vernier Networks was up and running again.

It wasn’t, but that note sparked interest in what the new incarnation of the company - now called Autonomic Networks - was up to.

The company stopped selling NAC gear and changed its name at the end of last year, but said at the time that it was regrouping and would announce what it was up to in a month or two. Now its 11 months later and still no word other than that it plans to make announcement early next year.

However, its Web site is full of details about its product called Access Risk Management System (ARMS), which is software that audits whether corporate identity management and access management comply with regulatory mandates and other standards.

The product can keep track of what access rights users actually exercise over a period of time, and if they don’t make use of them for a defined period, can cut them off, for example.

ARMS can keep track of how often developers and administrators connect to sensitive applications and data and trigger warnings if that access exceeds thresholds. The idea is that activity above the threshold may indicate malicious behavior.

Similarly, if a user without authorization to access a certain network resource accesses it anyway, that activity can be flagged so administrators can check whether an authorized users credentials are being misused to allow that access.

Autonomic seems to have developed security tools that go beyond the relatively straight forward goals of NAC – making sure endpoints pass a health check before they are allowed network access. ARMS looks like a valuable supplement to NAC and to complying with regulations.

Tim Greene is senior editor at Network World.