Thursday, October 25, 2007

Lockdown Networks tunes up Enforcer NAC

Network World

Security: Network Access Control




Network World's Security: Network Access Control Newsletter, 10/25/07

Lockdown Networks tunes up Enforcer NAC

By Tim Greene

Lockdown Networks is tuning up its Enforcer NAC appliance so it doesn’t bog down network access during emergencies, when traffic might be greater than usual.

Under normal circumstances the device can take on 30 pre-connect assessments per minute, each scan taking 10 to 15 seconds. But during an emergency, when more workers than usual are trying to connect to the network and require NAC scans, the volume of these scans can be reduced.

New software for the devices allows suspending use of NAC. So if the bulk of users start accessing the network from home during a disaster rather than coming into the office, NAC rules can be changed so the appliance is not overwhelmed and does not become a barrier to getting on the network during an emergency.

Webcast: Get the latest on NAC

Learn the latest on Network Access Control in Network World's Perspectives Editorial Webcast. Discover how IT professionals can leverage this hot security technology in their networks, while also learning about key management areas that have not yet been perfected.

To learn more click here.

In this disaster recovery mode, a secondary policy would kick in such admitting devices without scanning them if they have already passed endpoint checks within the past 24 hours. That is a less tight way of making sure that only compliant machines get on the network, but it may be a good short-term tradeoff to lost productivity because people are locked out.

The company is also introducing a new enforcement mode for its gear that uses RADIUS communications protocols to talk to switches. Until now the devices enforced NAC by controlling standard switches via SNMP and command-line instructions. This enables the Lockdown appliance to enforce policies per port.

Lockdown says leveraging RADIUS protocols means less overhead than using SNMP.


  What do you think?
Post a comment on this newsletter

MOST-READ STORIES:
1. Top 20 Firefox extensions
2. 2007 network industry graveyard
3. Cisco's $330M buy into WiMAX
4. 'Fire blogging' tech expert on the frontlines
5. ID thieves have 50% chance of going to prison
6. Gartner's top 10 strategic technologies for 2008
7. Top 15 USB geek gadgets
8. Next-gen LANs, branches under consideration
9. Cisco fights fakes via remarketing operations
10. Unlimited gall to cost Verizon $1 million

MOST-DOWNLOADED PODCAST:
Twisted Pair: Rumor Mill — Who's Buying Who?


Contact the author:

Tim Greene is a senior editor at Network World, covering network access control, virtual private networking gear, remote access, WAN acceleration and aspects of VoIP technology. You can reach him at tgreene@nww.com.



ARCHIVE

Archive of the Security: Network Access Control Newsletter.


BONUS FEATURE

IT PRODUCT RESEARCH AT YOUR FINGERTIPS

Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details.


PRINT SUBSCRIPTIONS AVAILABLE
You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today.

International subscribers, click here.


SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

This message was sent to: networking.world@gmail.com. Please use this address when modifying your subscription.


Advertising information: Write to Associate Publisher Online Susan Cardoza

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772

Copyright Network World, Inc., 2007

No comments:

Post a Comment