HP's multifaceted NAC offering

* ProCurve NAC 800 and ProCurve Immunity Manager

ProCurve Networking by HP this week is announcing two products that, in combination with its existing gear, give the company a multifaceted NAC offering.

The company is announcing ProCurve NAC 800, an appliance that evaluates the security posture of endpoints trying to get onto corporate networks. It then enforces the policies via 802.1X port authentication on network switches.

This is ProCurve’s answer to pre-admission NAC. If devices pass pre-admission NAC scans, it means they are less likely to contain malware that can harm the network.

In combination with NAC 800 client software, the device can check for operating system patches, antivirus software, what applications are running on the device, and registry settings. If the device comes up short of meeting set policies, NAC 800 can keep it off the network until the policies are met.

NAC 800 works in conjunction with ProCurve’s Identity Driven Manager (IDM), which authorizes devices as they enter the network and defines what resources they have access to. So as devices log in, they are scanned for the proper configuration and assigned appropriate access rights.

ProCurve is also announcing ProCurve Immunity Manager, software that draws on multiple network devices to gather data about traffic. It then analyzes the data looking for anomalies. This is a way to find machines that may have been infected when they were admitted to the network.

When Immunity Manager finds traffic that violates network policies, it can shut down the traffic at the switch port where the device is attached. It can lock down the MAC address of the port, switch the device to a quarantine VLAN or shut the port down altogether.

Immunity Manager can also refer suspect traffic to other intrusion detection and prevention platforms for deeper inspection to determine whether it really represents a threat.

Immunity Manager requires that switches support sFlow, the standards-based traffic-monitoring capability in routers and switches. The immunity platform also gathers traffic data from other network devices such as firewalls and intrusion detection gear.

Immunity Manager is available June 1 and runs from $5,000 for 50 licenses to $29,000 for unlimited licenses. NAC 800 will be available in the third quarter and the price hasn’t been set yet.

Next time: A little about how this stacks up with other NAC schemes.

Copyright © 2007 IDG Communications, Inc.
