Extreme bolsters NAC offering
Published: 24 Jul 2007 17:46 BST
Extreme Networks has upgraded its network access control offering to help firms better secure their networks.
The LAN equipment vendor has also introduced a Policy Manager tool which, together with the improved network access control (NAC), allows network administrators to apply and enforce security policies with increased scale and visibility. It said the solutions would also make the deployment of advanced security features easier and more manageable.
Extreme is tapping into a global NAC market worth an estimated £160m this year, according to analysts at the Internet Research Group (IRG). IRG says it expects the NAC market to reach £525m by 2010.
Extreme's NAC solution competes against those already sold by the likes of Cisco and Symantec, with Microsoft on the horizon. Microsoft is developing a similar offering, which it calls "Network Access Protection" (NAP), for Windows Vista and the forthcoming Windows Server 2008.
With Extreme seemingly not put off by these heavyweights, the firm has enhanced its existing Sentriant Access Guard (AG) NAC platform. The solution now supports networks and numerous endpoints, with new features that centralise management of multi-server deployments. This addresses environments where a single dedicated management server controls multiple enforcement servers that can be distributed across buildings or departments.
For smaller NAC deployments, a single management server can be deployed that provides embedded enforcement capabilities on one platform.
Sentry Posts Blog
Guarding the network
What you need to know — and what you and your peers have to tell us — about security management in our new community group blog
The solution also now includes support for Macs, which could be particularly useful for universities and media companies.
And to deliver greater scalability and reliability of NAC, Sentriant AG now supports load-balancing capabilities, where the endpoint testing load is distributed across all enforcement servers in a cluster. This adds redundancy, so, if one server fails, the security policy remains functional. An enhanced user interface (UI) also provides enterprise-scale administration capabilities, where managers can rapidly access, view and control all servers and endpoint access information from a single management console.
The platform's 802.1x-based authentication system has also been streamlined within the UI. And the system now supports authentication pass-through to Microsoft Active Directory and OpenLDAP, in addition to operating as a proxy for an external IAS/Radius server.
To further the security at the core and the edge of the network, Extreme has unveiled Extreme Networks Policy Manager (EPM), a management tool that provides visibility into security rules and which eases management of access control lists (ACLs).
EPM is client-based software used to create security policies and Extreme Networks' Clear-Flow security rules.
A key benefit of EPM is its real-time interaction with Extreme Networks BlackDiamond and Summit switches, where up-to-the-minute information is provided and changes can be made in real-time. The efficiency and accuracy of ACLs is enhanced through a series of automated dependency, rule and validation checks being performed. This alerts and removes potential conflicts, helping to keep the network secure from breaches.
"Our new solutions help enterprises to protect their networks from unsafe devices and to proactively enforce edge security policy," said Suresh Gopalakrishnan, vice president and general manager for the emerging products group at Extreme Networks. Gopalakrishnan said the offerings integrate with the firm's Clear-Flow security rules engine, which would help establish a layered security approach.
Did you find this article useful?
4 out of 4 people found this useful
- Share this article:
