Thursday, June 07, 2007

Beacons for NAC deployment

Network World

Network Access Control




Network World's Network Access Control Newsletter, 06/07/07

Beacons for NAC deployment

By Tim Greene

Great Bay Software has a product that is a valuable adjunct to NAC deployments.

Called Beacon, the device performs a set of useful functions that aren’t strictly necessary to NAC, but that make for quicker and less vulnerable deployments.

Before deploying NAC, businesses need to know every device on the network, and Beacons can discover that automatically, saving enormous amounts of time that it would take to do so manually.

Manage Insider Security Threats

Experts say 75% of security threats come from inside your organization. Watch the latest Network World Editorial Perspectives Webcast today, "Security From the Inside," and learn which technologies and processes best protect your intellectual property and assets inside the perimeter.

Click Here to View

In addition, the device can perform authentication based on MAC addresses. This is useful to authenticate devices that don’t respond to other authentication methods such as 802.1x, which is used in many NAC architectures.

This class of device includes printers, phones, cameras and game boxes. This is not an insignificant number of devices. One user said Beacon found that 60% of devices on his network fell into this category.

Beacon can keep NAC gear updated about these devices so they are admitted at NAC enforcement points even though they don’t respond to NAC queries.

The Great Bay box also keeps track of the behavior of devices on the network and can correlate that activity with what is expected of such a device. If, for instance, a printer suddenly starts searching the Web or accessing databases, it’s a good bet the device attached to that port is no longer a printer.

If tied in with NAC gear, Beacons can shut these spoofed devices down.

For these reasons, potential NAC customers should quiz their vendor on whether their equipment supports network device discovery, MAC authentication and ongoing device monitoring. If not, these customers might check into Beacon.


  What do you think?
Post a comment on this newsletter

TODAY'S MOST-READ STORIES:

1. 5 new ways to authenticate users
2. FAQ: What Avaya going private is all about
3. What Google bought in the past 12 months
4. Churn in the VoIP market?
5. Will Cisco suffer IBM's fate?
6. Firefox flaws raise Mozilla security doubts
7. Adult filmmakers taking their lumps on ‘Net?
8. Avaya goes private in $8.2B deal
9. Slideshow: 5 new ways to authenticate users
10. Stealthy attack serves malicious code only once

MOST-READ REVIEW:
How low can your data go with virtual tape libraries?


Contact the author:

Tim Greene is a senior editor at Network World, covering network access control, virtual private networking gear, remote access, WAN acceleration and aspects of VoIP technology. You can reach him at tgreene@nww.com.



ARCHIVE

Archive of the Network Access Control Newsletter.


BONUS FEATURE

IT PRODUCT RESEARCH AT YOUR FINGERTIPS

Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details.


PRINT SUBSCRIPTIONS AVAILABLE
You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today.

International subscribers, click here.


SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

This message was sent to: networking.world@gmail.com. Please use this address when modifying your subscription.


Advertising information: Write to Associate Publisher Online Susan Cardoza

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772

Copyright Network World, Inc., 2007

No comments: