Network access control in a nutshell
Product: Safe NAC (Alcatel-Lucent OmniSwitch switches, OmniAccess wireless controllers, OmniVista management tool, plus CyberGatekeeper endpoint security checker from InfoExpress.
Pros: Strong endpoint security checking, complete NAC solution
Cons: Lack of integration between Alcatel-Lucent and InfoExpress products; confusing array of configuration and management options.
Recommended for: Companies interested in comprehensive endpoint NAC and fine-grained access control
Vendor: Avenda Systems
Product: eTIPS 5005
Pros: Simplicity, easy-to-use, well-balanced NAC features
Cons: Relies on 802.1X authentication
Recommended for: Companies that want powerful, easy-to-use management system from a pure NAC vendor.
Vendor: Bradford Networks
Product: Network Sentry
Pros: Excellent, mature NAC tool for complex, multivendor environments
Cons: Might be too complex and difficult to install for a typical enterprise
Recommended for: College campus deployments
Product: NAC Appliance
Pros: Strong enforcement in-line
Cons: Limited tools for fine-grained access control, weaker enforcement at network edge
Recommended for: Wireless and VPN environments
Product: NAC 3.2
Pros: Ease of use, well thought out, strong feature set
Cons: Minor management flaws
Recommended for: Enterasys and non-Enterasys networks considering 802.1X-based NAC.
Vendor: ForeScout Technologies
Product: CounterAct Appliance
Pros: Endpoint-centric, provides excellent network visibility
Cons: Scalability concerns, weak authentication
Recommended for: Companies focused on providing secure guest access, and looking for network visibility.
Product: ProCurve Identity Driven Manager
Pros: Cost-effective, strong management features, strong access controls
Cons: Endpoint security checking, reliance on HP switches
Recommended for: Existing HP switch customers
Product: Unified Access Control (UAC) 3.1
Pros: Integration with SSL-VPN, powerful feature set, separation of controls
Cons: Complexity, works best in Juniper networks
Recommended for: Companies focused on guest access and fine-grained access control.
Product: ePolicy Orchestrator, Network Security Manager, N-450 NAC appliance
Pros: Strong endpoint security, tight product integration
Cons: Lack of fine-grained access control when not in-line
Recommended for: McAfee customers
Product: Network Access Protection (NAP), includes NAP client and Network Policy Server
Pros: Free to Windows shops, built into products most enterprises already have, many enforcement options
Cons: Windows-only, features are relatively primitive
Recommended for: All-Microsoft operating system environments where all devices are joined to a Windows domain.
Product: Network Access Control v11 (includes Symantec Endpoint Protection)
Pros: Strong endpoint compliance, ease of use
Cons: Weak authentication, lack of fine-grained access control
Recommended for: Existing Symantec customers
Product: NAC 3.4
Pros: Easy to deploy, doesn't require network changes
Cons: Poor documentation, reactive
Recommended for: Small offices, branch offices
At DockerCon, Google throws its weight behind the Docker container technology
Automation and better auditing with CounterACT
Symantec has published recommendations for mitigating the danger