Cisco NAC Appliance
Cisco has made several enhancements to the Cisco NAC Appliance that address ease of deployment and scalability issues. (11/25/2008)

Price: $495

| Client Access |

ConSentry Networks LANShield
ConSentry’s ability to attract attention in the NAC market has traditionally centered on its hardware prowess, but the company is showing more focus on the software components it needs to deliver a comprehensive NAC solution. (11/25/2008)

Price: $495

| Client Access |

Juniper Networks Unified Access Control 2.1
Juniper has emerged as a thought leader in the NAC market and it continues to mature its Unified Access Control solution rapidly. (11/25/2008)

Price: $495

| Client Access |

McAfee NAC 3.0
McAfee has released NAC 3.0, which adds network components to the suite as well as interoperability with Microsoft’s NAP framework. (11/18/2008)

Price: $495

| Client Access |

StillSecure SafeAccess
StillSecure is an innovative player in the NAC market. It fields a product with strong host posture and remediation features and continues to be a popular technology partner with network equipment vendors looking to jumpstart their NAC stories. (11/18/2008)

Price: $495

| Client Access |

Symantec NAC 11.0
Symantec continues to work to better integrate its NAC solution with its broader suite of security and systems management products. (11/18/2008)

Price: $495

| Client Access |

Purchase Reports Online Purchasing and downloading reports online is quick and easy. 1. Accept the license agreement prepared by our lawyers.* 2. Select the reports you wish to purchase by clicking the "Purchase" button just below the report name and description. 3. Follow the checkout steps on our secure e-commerce site. All information you exchange with the secure site cannot be viewed by anyone else on the Web. All information is confidential and is used for internal purposes only. Under no circumstance will Current Analysis sell or otherwise redistribute this information. We accept the following credit cards: 4. Once your credit card is confirmed, you can download the reports. Reports are in a PDF format. We recommend you view the reports with the latest version of Adobe Acrobat Reader 5. Special Offer: If you purchase two or more reports in one category, we will send you a free Head-to-Head product comparison in one business day. More information. Contact us for special requirements. *The license grants rights to a single user for internal business or personal use only. Please contact us regarding licenses for enterprise-wide use, external use, and reprint rights. Contact Information Telephone: +1 703-788-3675 or email: Back to Top

• 
  Sections
  
• - Current Perspective Rating
• - Product Strengths & Weaknesses
• - Product Buying Criteria
• - Product Metrics

Page count: 7-8 pages per Product Advisor

Special Offer: Purchase two or more Product Advisors and get a free Head-to-Head product comparison of those products at no cost.

Top

• Buying Criteria
  • Pre-connect Host Posture Assessment
  • Ability to determine the security state, or health, of each device as it attempts to authentication to the network. Typical software checks would include presence of updated AV software and OS patches. Configuration checks might include confirmation that AV and firewall software is turned on. Solutions should be able to create, manage and confirm compliance with policy on a per user or group level.
  • Non-compliant Host Quarantine and Remediation
  • Ability to place non-compliant devices into a restricted subnet where typically the only available resources are remediation servers and/or Internet access if additional third party remediation resources are also required. Solutions do not need to include patch management functionality but should integrate with existing patch management products.
  • Identity Awareness
  • Ability to capture authentication information and to link user identity to network traffic. NAC solutions are NOT expected to perform network authentication, rather they are expected to help enforce authentication by leveraging existing AAA and directory services and redirecting unmanaged devices (e.g., using captive portals) where identity information can be collected. Identity information can also provide an important overlay to network traffic data for audit and reporting capabilities. Ability to deliver policy driven access to network resources based on user identity. Solutions should be able to extract role data from existing identity databases and support role-based provisioning and access management based on corporate or regulatory access policy.
  • Post-connection Threat Detection and Containment
  • Ability to continuously monitor network traffic and react to threats in real time by leveraging NAC quarantine enforcement. Solutions typically employ behavioral anomaly techniques to detect unknown threats to the network. Enforcement and remediation are done through the same infrastructure that supports pre-admission NAC.
  • Cost and Ease of Use
  • Network access control is a complex, immature, and evolving concept. Ease of deployment and the associated issue of scalability are important buying criteria. Interoperability with network infrastructure, security products, both host-based and network based, and systems management solutions are also important considerations. And finally, given the scope of NAC deployments, cost is always an important consideration.

Top

---

• Product Metrics
  • Endpoint Detection
    • RADIUS Server
    • DHCP
    • 802.1x
    • Inline Appliance
    • Out of Band Appliance/Passive Scanner
    • IPSec VPN
    • SSL VPN
    • Other
  • Posture Checking (Means)
    • Agent (Native or Third-party)
    • Temporary Agent (Native or Third-party)
    • Agentless
  • Posture Checking (Depth)
    • OS Patches
    • Software Whitelists
    • Registry Settings
    • Personal Firewall
    • HIPS
    • Software Blacklists
    • Software Configurations
    • System/Policy Mgmt Agents
    • Patch Mgmt Agents
    • Microsoft Security Patches
  • Quarantine Enforcement
    • VLANs
    • Endpoint
    • Switch
    • Router
    • DHCP
    • Network-based Inline
    • Network-based Out of Band
    • Other
  • Remediation
    • Trouble Ticketing Systems
    • Patch Managers
    • Systems Mgmt Systems
    • Network Mgmt Systems
    • Vulnerability Mgmt Systems
    • Other
  • Policy Mgmt & Reporting
    • Policy Creation Environment
    • Policy Templates
    • Reports by Industry Regulation
    • Aggregate Security Status Reports Tied to Policy
    • Reports by IP Address/MAC Address/User Name
    • Custom Reporting
  • Identity-based Authentication
    • RADIUS
    • AD/LDAP
    • Windows Login
    • Web Login
    • Identity-aware DHCP
    • Other
  • Network Resource Access Control
    • Role-based Provisioning
    • Extract Role Info from LDAP
    • Extract Role Info from Active Directory
    • Extract Role Info from RADIUS
    • Tie User to Traffic/Policy
    • Allow Segmented Access Based on Risk
    • Post-connect Security
    Post-connect Security
    • Continual Real-time Infection Detection
    • Firewall Policies
    • Anomaly Detection
    • Signature Matching
    • Other
  • Continual Real-time Infection Detection
    • IPS
    • Firewall
    • Dedicated Appliance
    • Switch or Router-based Enforcement
    • Other
  • Pricing
    • Priced per seat/box/etc.
    • Base List Price
  • • Back to Top

  ---

  Current Perspective Definitions

  Very Threatening: Market leader, major product enhancement, or ground-breaking product alters competitive landscape.
  
  Threatening: Significant product enhancement or a new product that results in stronger market position and a competitive advantage.
  
  Competitive: Solid, but middle of the road market position. Expected to neither gain nor lose appreciable market share, and to be strongest in the installed base.
  
  Vulnerable: Lacks performance, features and/or functionality of competition, overprices for functionality.
  
  Very vulnerable: Technology significantly behind competitors, very limited functionality at very high price points.
  

Purchase Reports Online Purchasing and downloading reports online is quick and easy. 1. Accept the license agreement prepared by our lawyers.* 2. Select the reports you wish to purchase by clicking the "Purchase" button just below the report name and description. 3. Follow the checkout steps on our secure e-commerce site. All information you exchange with the secure site cannot be viewed by anyone else on the Web. All information is confidential and is used for internal purposes only. Under no circumstance will Current Analysis sell or otherwise redistribute this information. We accept the following credit cards: 4. Once your credit card is confirmed, you can download the reports. Reports are in a PDF format. We recommend you view the reports with the latest version of Adobe Acrobat Reader 5. Special Offer: If you purchase two or more reports in one category, we will send you a free Head-to-Head product comparison in one business day. More information. Contact us for special requirements. *The license grants rights to a single user for internal business or personal use only. Please contact us regarding licenses for enterprise-wide use, external use, and reprint rights. Contact Information Telephone: +1 703-788-3675 or email: