Bradford Network Access Control best suited to college campuses

Vendor: Bradford Networks Network Sentry $32,460 Excellent NAC tool for complex, multi-vendor environments, like a college campus Too complex, difficult to install for enterprises; requires third-party help

Product:

Pricing (1,000 users):

Strengths:

Weaknesses:

Review: With over a decade of experience doing nothing but NAC, Bradford brings an immense amount of corporate knowledge to the NAC marketplace. As the dominant supplier of campus-wide NAC to the education market, Bradford’s approach has strong supporters in environments where heterogeneous device deployment (two dozen wired and wireless device vendor product lines are supported) and hostile users are the norm.

NAC: What went wrong?

Network Sentry has several deployment models, but the most common is based on edge device enforcement of access controls, typically using VLANs. Using a combination of SNMP and command line interface, Network Sentry detects devices coming onto the network (either by polling devices or receiving SNMP traps) and then walks each device through registration, authentication and compliance checking, before finally pushing a configuration that lets the device onto the network. Network Sentry also supports 802.1X authentication, but did not encourage its use.

The Network Sentry family also includes end-point security checking via either an on-network scanner (built-in support is included for Nessus) or the Bradford client on Windows, Mac OS X and Linux. A guest registration and login portal is available as an option, as is a network scanner which can be used to discover device types and build a database of devices on the network.

Unfortunately the product has grown over the years with patches, plug-ins, and an enormous number of add-ins to support the unique requirements of its huge customer base.

We found it hard to understand, poorly documented, difficult to manage, inconsistent in its behavior and with no clear way for someone to deploy the product without considerable third-party help.

Return to main test.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.
Now read: Getting grounded in IoT