We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message

Network access control in a nutshell

Twelve leading NAC products put to the test

Vendor: Alcatel-Lucent

Product: Safe NAC (Alcatel-Lucent OmniSwitch switches, OmniAccess wireless controllers, OmniVista management tool, plus CyberGatekeeper endpoint security checker from InfoExpress.

Pros: Strong endpoint security checking, complete NAC solution

Cons: Lack of integration between Alcatel-Lucent and InfoExpress products; confusing array of configuration and management options.

Recommended for: Companies interested in comprehensive endpoint NAC and fine-grained access control

Vendor: Avenda Systems

Product: eTIPS 5005

Pros: Simplicity, easy-to-use, well-balanced NAC features

Cons: Relies on 802.1X authentication

Recommended for: Companies that want powerful, easy-to-use management system from a pure NAC vendor.

Vendor: Bradford Networks

Product: Network Sentry

Pros: Excellent, mature NAC tool for complex, multivendor environments

Cons: Might be too complex and difficult to install for a typical enterprise

Recommended for: College campus deployments

Vendor: Cisco

Product: NAC Appliance

Pros: Strong enforcement in-line

Cons: Limited tools for fine-grained access control, weaker enforcement at network edge

Recommended for: Wireless and VPN environments

Vendor: Enterasys

Product: NAC 3.2

Pros: Ease of use, well thought out, strong feature set

Cons: Minor management flaws

Recommended for: Enterasys and non-Enterasys networks considering 802.1X-based NAC.

Vendor: ForeScout Technologies

Product: CounterAct Appliance

Pros: Endpoint-centric, provides excellent network visibility

Cons: Scalability concerns, weak authentication

Recommended for: Companies focused on providing secure guest access, and looking for network visibility.

Vendor: HP

Product: ProCurve Identity Driven Manager

Pros: Cost-effective, strong management features, strong access controls

Cons: Endpoint security checking, reliance on HP switches

Recommended for: Existing HP switch customers

Vendor: Juniper

Product: Unified Access Control (UAC) 3.1

Pros: Integration with SSL-VPN, powerful feature set, separation of controls

Cons: Complexity, works best in Juniper networks

Recommended for: Companies focused on guest access and fine-grained access control.

Vendor: McAfee

Product: ePolicy Orchestrator, Network Security Manager, N-450 NAC appliance

Pros: Strong endpoint security, tight product integration

Cons: Lack of fine-grained access control when not in-line

Recommended for: McAfee customers

Vendor: Microsoft

Product: Network Access Protection (NAP), includes NAP client and Network Policy Server

Pros: Free to Windows shops, built into products most enterprises already have, many enforcement options

Cons: Windows-only, features are relatively primitive

Recommended for: All-Microsoft operating system environments where all devices are joined to a Windows domain.

Vendor: Symantec

Product: Network Access Control v11 (includes Symantec Endpoint Protection)

Pros: Strong endpoint compliance, ease of use

Cons: Weak authentication, lack of fine-grained access control

Recommended for: Existing Symantec customers

Vendor: Trustwave

Product: NAC 3.4

Pros: Easy to deploy, doesn't require network changes

Cons: Poor documentation, reactive

Recommended for: Small offices, branch offices

  • Play
  • Play
  • Backward
  • Forward

Vendor: Alcatel-Lucent

Product: Safe NAC (Alcatel-Lucent OmniSwitch switches, OmniAccess wireless controllers, OmniVista management tool, plus CyberGatekeeper endpoint security checker from InfoExpress.

Pros: Strong endpoint security checking, complete NAC solution

Cons: Lack of integration between Alcatel-Lucent and InfoExpress products; confusing array of configuration and management options.

Recommended for: Companies interested in comprehensive endpoint NAC and fine-grained access control

Send to a friend

Email this article to a friend or colleague:


PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.


ComputerworldUK Knowledge Vault

ComputerworldUK
Share
x
Open
* *