Network Security Solutions – End Point Security (NAC)
StillSecure SafeAccess : www.stillsecure.com
Safe Access™ is the information security industry's most flexible network access control (NAC) solution. Awarded SC Magazine's Best Endpoint Security Solution of 2006, Safe Access fits seamlessly into your network architecture and covers the widest range of devices and users. Unlike solutions that only function in specific environments and architectures, Safe Access doesn't force you into expensive network infrastructure upgrades or require architecture changes. It works in your environment regardless of network vendor or infrastructure model.
Safe Access provides five enforcement options for quarantining endpoints. This enables Safe Access to enforce policy compliance across complex, heterogeneous networks. Enforcement options include:
- 802.1x enforcement
- DHCP enforcement
- Endpoint-based enforcement
- Inline enforcement for VPN and RAS connections
- Cisco NAC enforcement
Enforcement options can be blended within a Safe Access implementation and managed from a single Web-based console. Additionally, Safe Access offers three endpoint testing options:
- Agent-less testing
- ActiveX-based testing
- Agent-based testing
Purpose-built for NAC
Safe Access is purpose-built for network access control. Its proprietary testing and enforcement engine provides deep endpoint testing, generates minimal data transfer per test session, and tests devices quickly. It is completely transparent to users whose devices test compliant. Unlike other so-called NAC solutions built on top of vulnerability scanners, personal firewalls, or IDS/IPS solutions, Safe Access is not weighed down by non-relevant processes or constrained by limited testing capabilities. Additionally—unlike these other products—Safe Access is a true 'pre-connect' solution that eliminates risk by testing endpoints before they physically connect to the network.
Advantages of Safe Access' purpose-built NAC engine:
- Testing speed: 3 to 5 seconds per endpoint
- Minimal test session data transfer: 35k avg.
- Minimal impact on end-user
- In-depth testing for specific NAC risks
- True pre-connect testing
- Not vulnerable to litigation or licensing issues (as Nessus-based solutions potentially are)
Comprehensive test library - Safe Access includes hundreds of off-the-shelf tests that fully assess endpoint security posture. Test categories include:
- OS Service Packs and Hotfixes
- Browser and OS security settings
- Antivirus, installed and up-to-date
- Personal firewall, installed and up-to-date
- Anti-spyware, installed and up-to-date
- Spyware (presence of)
- Peer-to-peer applications (presence of)
- Worms, viruses, and Trojans (presence of)
- Required software, administrator defined
- Prohibited software, administrator defined
Automated and manual endpoint repair
Safe Access facilitates a variety of remediation options for endpoints that test non-compliant with your security policy:
- Automated remediation — Integration with BigFix®, Microsoft® SMS, and Citadel Hercules natively supported; additional patch management integrations in development and available on request.
- Self remediation — Users notified of where their devices are deficient and provided with the remediation instructions.
- Access 'grace period' — Provides administrator-defined window of access (e.g., 3 days) to non-compliant devices to facilitate remediation.
Reporting for management and auditors - Safe Access' robust reporting capabilities allow you to meet the needs of auditors, managers, and IT staff. Reports provide concise security status information on device compliance and access activity. Available reports include: Device list, Actions taken, Access policy results, Test details, Test results, Test results by device, Test results by user, Test results by IP address, and more.
Network VirusWall Enforcer 1200/2500
Network VirusWall™ Enforcer delivers new plug-n-protect network access control to protect the network against the fastest growing source of infection—the mobile and remote workforce. This second generation Network VirusWall appliance controls network access by ensuring devices—managed or unmanaged, local or remote—comply with corporate security policies—before they can access the network.
Network VirusWall Enforcer scans devices for the most up-to-date security software and critical Microsoft patches—without requiring an agent to be pre-installed on a device. Non-compliant devices are immediately quarantined and sent through automatic remediation. The appliance also builds on proven Network VirusWall security, filtering network traffic to detect and block network worms and BOTs—with zero false positives.
Plug-n-Protect Access Control
Network VirusWall Enforcer does not require an agent to be preinstalled on a device, which means you have full access control even for partners, contractors, and visitors. The plug-n-protect appliance provides all the tools you need, when you need them, including:
- Remote Port Scan - checks the security of any device, managed or unmanaged, by performing a remote port scan before the device can connect to the network.
- Temporary Dynamic Scan - scans for hundreds of versions of antivirus software, critical Microsoft™ patches, and registry parameters. The process is fully automated.
- On-Demand Security - automatically installs an on-demand agent to secure an unprotected device while the user remains connected to the corporate network.
McAfee Policy Enforcer network access control
Protect your network and your business from noncompliant systems - One infected or noncompliant system on your network can disable your business, damage your reputation, or subject you to regulatory fines. McAfee® Policy Enforcer network access control (NAC) reduces this risk by limiting network access only to systems that comply with your security policies.
- Discovers noncompliant systems - Detect both managed and unmanaged systems that could cause harm to your network and its users
- Comprehensive system checks - Quickly and easily assess the compliance of quarantined unmanaged systems with McAfee NAC's agent-on-demand
- Broad enforcement - Get built-in enforcement for managed and unmanaged systems connected locally or remotely (LAN, WAN, IPSec, VPN, or SSL); McAfee NAC also provides integration with third-party enforcement framework methods like Cisco Network Admission Control
- Centralized management and control - Manage and control access to your network, along with your other system security products, through a single console with McAfee Policy Enforcer and McAfee® ePolicy Orchestrator®; define policies and get centralized reporting of failed compliance checks and remediation action from the ePO™ console
- Integrates with Cisco® NAC - Supports Cisco NAC-enabled switches, routers, and VPN gateways; McAfee NAC provides policy definition, system assessment, and remediation, and Cisco NAC offers system detection and enforcement
- Automated remediation options - Offers automated self-remediation through McAfee Total Protection - Advanced and third-party solutions; users can also be directed to a remediation portal where the administrator can recommend specific action
eEye Digital Security Blink, www.eeye.com
As the industry’s first endpoint security solution to incorporate multiple layers of proven technologies in a single agent, eEye Digital Security’s Blink Professional solution addresses today's most pressing security challenge: Protecting and controlling the security risk of clients across all types of threats and as assets move from corporate networks to less secure public or home networks.
To provide this level of security, Blink combines and integrates the technologies of:
- Protocol based intrusion prevention
- Anti-spyware technology
- Anti-Phishing and Identity theft protection
- System firewall
- Application firewall
- Local vulnerability assessment based on eEye's Retina® Network Security Scanner
- Policy-based application and process control
- Policy-based control over USB and other removable storage devices
- Attack and event reporting to REM Management Console
- Dynamic Policies
Blink’s integrated layers of endpoint security work hand-in-hand to provide the most comprehensive protection from targeted and propagated attacks, all in a single, small-footprint agent. Blink's intrusion prevention system protects network assets from both known and undefined vulnerabilities, through periodic vulnerability assessments and non-intrusive process activity monitoring, helping eliminate zero-day attacks.
Blink includes the following features:
- Application Policy Control
- Anti-Spyware Protection
- Identity Theft Protection/Anti-Phishing
- System and Application Firewall Technology
- Instant Messenger Policy Enforcement
- Generic Buffer Overflow Protection
- Non-Signature Based Attack Prevention
- Inbound and Outbound Port Blocking
- Non-Intrusive Protocol Analysis
- Removable Storage Control
For more information: http://www.eeye.com/html/resources/index.html
PatchLink Quarantine™ addresses the growing problem of unprotected computers that expose the enterprise to risks and compliance issues. The comprehensive quarantine system comprises several hardware and software components, each responsible for a specific aspect of the four-phase process: blocking access to the network, assessing the potential threat, remediating the potential threat, and authorizing access to the network. Quarantine is an important strategy for network security. Visiting, mobile, and VPN users can connect unchecked devices to your network, creating holes for the latest viruses, worms, and malware to enter your corporate infrastructure. The quarantine process evaluates a system as it attempts to connect to the network, and then prevents the network connection if it discovers missing patches, incomplete virus protection, or other security configuration issues. Security evaluation after a connection is established is too late, because attacks from a corrupted system can begin at connection.
PatchLink Quarantine ensures automated enforcement of network security policies on an ongoing basis. PatchLink Quarantine identifies computers that are attempting to access the network, quarantines them, evaluates them for threats, and remediates as necessary. Once remediation is complete and the end-point meets security policy standards, it is granted access to the network.
To know more about any of Secure Datacom’s Security Solutions, contact your SDI salesperson or email us.