Network access control in a nutshell


Next Previous yah

Vendor: Alcatel-Lucent

Product: Safe NAC (Alcatel-Lucent OmniSwitch switches, OmniAccess wireless controllers, OmniVista management tool, plus CyberGatekeeper endpoint security checker from InfoExpress.

Pros: Strong endpoint security checking, complete NAC solution

Cons: Lack of integration between Alcatel-Lucent and InfoExpress products; confusing array of configuration and management options.

Recommended for: Companies interested in comprehensive endpoint NAC and fine-grained access control

Next Previous yah

Vendor: Avenda Systems

Product: eTIPS 5005

Pros: Simplicity, easy-to-use, well-balanced NAC features

Cons: Relies on 802.1X authentication

Recommended for: Companies that want powerful, easy-to-use management system from a pure NAC vendor.

Next Previous yah

Vendor: Bradford Networks

Product: Network Sentry

Pros: Excellent, mature NAC tool for complex, multivendor environments

Cons: Might be too complex and difficult to install for a typical enterprise

Recommended for: College campus deployments

Next Previous yah

Vendor: Cisco

Product: NAC Appliance

Pros: Strong enforcement in-line

Cons: Limited tools for fine-grained access control, weaker enforcement at network edge

Recommended for: Wireless and VPN environments

Next Previous yah

Vendor: Enterasys

Product: NAC 3.2

Pros: Ease of use, well thought out, strong feature set

Cons: Minor management flaws

Recommended for: Enterasys and non-Enterasys networks considering 802.1X-based NAC.

Next Previous yah

Vendor: ForeScout Technologies

Product: CounterAct Appliance

Pros: Endpoint-centric, provides excellent network visibility

Cons: Scalability concerns, weak authentication

Recommended for: Companies focused on providing secure guest access, and looking for network visibility.

Next Previous yah

Vendor: HP

Product: ProCurve Identity Driven Manager

Pros: Cost-effective, strong management features, strong access controls

Cons: Endpoint security checking, reliance on HP switches

Recommended for: Existing HP switch customers

Next Previous yah

Vendor: Juniper

Product: Unified Access Control (UAC) 3.1

Pros: Integration with SSL-VPN, powerful feature set, separation of controls

Cons: Complexity, works best in Juniper networks

Recommended for: Companies focused on guest access and fine-grained access control.

Next Previous yah

Vendor: McAfee

Product: ePolicy Orchestrator, Network Security Manager, N-450 NAC appliance

Pros: Strong endpoint security, tight product integration

Cons: Lack of fine-grained access control when not in-line

Recommended for: McAfee customers

Next Previous yah

Vendor: Microsoft

Product: Network Access Protection (NAP), includes NAP client and Network Policy Server

Pros: Free to Windows shops, built into products most enterprises already have, many enforcement options

Cons: Windows-only, features are relatively primitive

Recommended for: All-Microsoft operating system environments where all devices are joined to a Windows domain.

Next Previous yah

Vendor: Symantec

Product: Network Access Control v11 (includes Symantec Endpoint Protection)

Pros: Strong endpoint compliance, ease of use

Cons: Weak authentication, lack of fine-grained access control

Recommended for: Existing Symantec customers

Next Previous yah

Vendor: Trustwave

Product: NAC 3.4

Pros: Easy to deploy, doesn't require network changes

Cons: Poor documentation, reactive

Recommended for: Small offices, branch offices


Related Articles