Taking a cautious approach to NAC

* Bradford Networks has a set of options for those wanting to take a cautious approach to NAC

Not everybody wants to jump into NAC all at once, and Bradford Networks has a set of options for those who want to take a cautious approach. (Compare NAC products)

The company is expanding its single-function appliance options with three new offerings: User Visibility and Control (UVC); Device Profile and Control (DPC); and Behavior Monitoring and Control (BMC).

Each one is a separate software module that runs on the company’s NAC Director appliance. Each module is a subset of the full software load that comes with NAC Director; customers who buy a NAC Director get all the individual modules automatically.

UVC controls what users are admitted, DPC controls what devices are admitted and BMC controls what behaviors are acceptable. The company already had a separate package for dealing with guests called Guest Contractor Services.

UVC might be attractive to a customer with, say, a call center where agents share the same desktop and the primary interest is making sure the person is properly authenticated, Bradford says. Or a school with a wireless LAN would want to know who is accessing the network so administrators can control what resources students get vs. what teachers get, for example.

DCP is designed to sort out large numbers of unmanaged machines or machines the don’t support NAC agents. One instance the company cited was a hospital whose operating rooms hold medical devices that fall into this category and that have to be removed after each surgery to clean the room. This can assure that when the devices are plugged back in they get appropriate access, even if they are mistakenly plugged into a port with unrestricted network access. DCP might similarly be useful for heating system elements, IP phones and printers, the company says.

BMC integrates with intrusion detection and prevention systems (IDS/IPS), behavior analysis tools and other network monitoring devices to set limits on acceptable network behavior. (Compare IDS and IPS products)

Pricing for all three products at $7,995 for a software module, the hardware and a license for 250 devices. Any of the three can be upgraded to a full NAC director. UVC and BMC are available now, DPC will not be available until Q1 of next year.

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2008 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)