| [October 22, 2007] |
 |
Lockdown Networks Increases NAC Flexibility with Multiple Quarantine Methods
SEATTLE --(Business Wire)-- Lockdown Networks(R), the leading provider of Network Access Control (NAC) solutions that keep IT and security teams in control of who and what is on their networks, today announced an upgrade to Lockdown Enforcer(TM) that enables very fast deployments through expanded policy enforcement options. Lockdown Enforcer now supports two modes of quarantine, highly secure VLAN and fast-to-deploy IP Subnet Quarantine (ISQ(TM)). Using ISQ, NAC can be rapidly deployed on the network, enabling out-of-band NAC to be deployed in as little as one hour. The ISQ deployment option can be used both as a standalone approach to enforcing NAC, or as a quick start to a larger, more robust installation including hybrid ISQ/virtual local area networks (VLAN) or pure VLAN quarantine implementations. In addition, Lockdown has enhanced its support for the Microsoft Network Access Protection (NAP) framework to include automatic NAP agent detection.
Large enterprises ready to implement enterprise-wide NAC solutions require flexibility in deployment use cases to strike the right balance between their policy objectives and the cost of deploying a solution. The ISQ mode utilizes IP subnets for quarantine, which makes it exceptionally easy to deploy and manage, while the VLAN mode is more secure. The ISQ mode works by installing Lockdown Enforcer as a DHCP relay in the network, allowing an Enforcer to manage multiple instances of a DHCP server, without requiring multiple inline appliances, proprietary DHCP servers, or modification of the DHCP servers.
Lockdown ISQ enables companies to create a deployment approach matched to their specific objectives. For example, a low-risk call center can be rapidly enforced using ISQ, while a riskier field service and repair office, a data center, or the financial department, may be supported using VLANs.
"The enhanced Enforcer reflects the maturity of the NAC market requirements. While early NAC adopters have focused on VLANs as a security enforcement method, a diverse set of security policies in enterprises calls for an equally diverse set of enforcement methods," said Joel Snyder, senior partner with Opus One. "DHCP quarantine offers a different security model than VLANs, but may be very appropriate in branch offices or compliance-focused NAC deployments. By supporting a variety of use cases, Lockdown Networks provides a highly flexible and comprehensive solution that enables immediate ROI."
A Flexible NAC Solution for All Network Environments
The flexible Lockdown Enforcer aligns NAC deployments to the needs of industry, enterprise and individual users, and features the following enhancements:
-- Ability to Deploy "Mix and Match" Quarantine Modes--Accelerates NAC rollout using ISQ to realize immediate results, and supports managed rollout of VLAN quarantine as dictated by policy objectives. ISQ also enhances support for use cases such as virtual machines, hubs and unmanaged switches. Both ISQ and VLAN quarantine work in VOIP environments.
-- IP Quarantine Done Different--Lockdown Enforcer deploys ISQ without modifications or plugins for DHCP servers, and without requiring inline appliances in front of each DHCP server. By acting as a relay, Lockdown Enforcer supports multiple instances of a DHCP server on a single appliance. Furthermore, Lockdown Enforcer supports VLAN/ISQ hybrid deployments. Both quarantine modes can be applied to any control point, right down to the port level, for extremely flexible deployment.
-- Auto-Detection of NAP Clients--Expanding on Lockdown's integration with Microsoft's Network Access Protection solution, Lockdown can now auto-detect NAP clients, completing Lockdown's ability to enforce NAP policy for NAP and non-NAP endpoints on the network, and complementing its capacity to apply NAP to endpoints such as legacy Windows devices, Linux systems, Mac computers, embedded systems, and other devices incapable of supporting NAP clients.
"The new release of Lockdown Enforcer is geared towards enterprises that require flexibility and control for large-scale deployments. By offering flexible deployment options, Lockdown Enforcer enables companies to quick-start NAC rollouts using ISQ, then apply VLAN quarantine to the network as required by security and network policies," said Brett Helsel, CEO of Lockdown Networks. "While this is a major feature update for us, it continues to embody our commitment to open standards, leveraging existing network and security infrastructure, and providing a flexible policy-driven solution for automating network access control."
Pricing and Availability
Lockdown Enforcer with ISQ is available now. Pricing is $24,995 for a 1U Lockdown Enforcer appliance.
About Lockdown Enforcer
Lockdown Enforcer is the only available standards-based NAC solution supporting all devices on the network regardless of access method, without requiring massive network upgrades, impacting network performance or scalability, and without creating clusters of vulnerable devices. It offers continuous security monitoring to:
-- Identify and authenticate users through 802.1x, Windows, RADIUS, Kerberos, NDA and Web-Login
-- Assess for vulnerabilities with agentless or agent-based scans, including more than 11,000 tests, and supports inputs from external best-of-breed security systems
-- Enforce via VLAN, DHCP and remote access
-- Report on network access, quarantine and remediation actions via pre-built and custom reports
About Lockdown Networks, Inc. Lockdown Networks(TM) Inc. is the leading provider of Network Access Control (NAC) solutions that keep IT and security teams in control of who and what is on their networks. Lockdown Networks leverages existing network infrastructure to deliver an all-in-one platform for enterprise-wide policy enforcement that maximizes network uptime and productivity while reducing compliance costs. Lockdown NAC is delivered on a suite of highly scalable appliances: Lockdown Enforcer(TM), Lockdown Commander(TM) and Lockdown Sentry(TM). The Lockdown Intelligent NAC (iNAC(TM)) architecture integrates NAC with external security, endpoint, networking and infrastructure systems while the iNAC partner program enables third-party solution providers to collaborate on network access policy decisions, sharing information critical to network and endpoint security. Intel Capital has invested in Lockdown Networks, expanding the power of Lockdown NAC through support for Intel(R) vPro. Additionally, Lockdown earned the 2007 Info Security Hot Companies Award and the 2006 Red Herring 100 Award. For more information, visit www.LockdownNetworks.com.
[ Back To TMCnet.com's Homepage ]
|
TMCnet LOGIN
Webinars
