Juniper Networks is linking its intrusion-detection platforms to its NAC gear, making it possible to restrict devices that manage to gain network access by passing health checks but then pose a threat once they are on.
With a new version of its Unified Access Control (UAC) software -- Juniper's name for NAC -- data gathered from the company's Intrusion Detection and Prevention (IDP) platforms can trigger its UAC gear to block potentially malicious traffic at its source. Operating alone, IDP drops suspect packets, but doesn't deal with where they come from.
This integration gives Juniper a flavor of postadmission NAC by supplying its UAC Infranet Controller with data about application traffic. The controller can correlate the anomalies and threats IDP finds with specific users. Then it can apply policies to mitigate threats. So if a device is the source of a threat, it can be quarantined or have malicious sessions cut off. If the event is less severe, the controller can just log it.
Before, the NAC gear simply wouldn't know about threats found by IDP.
Enterasys integrated its IDP with its intrusion-detection gar in January, and other NAC vendors, such as ConSentry, ForeScout, Insightix and Tipping Point, already offer postadmission NAC.
The new software supports only integration with Juniper's IDP, so customers with IDP gear from another vendor don't gain from this feature, says Andrew Braunberg, an analyst with Current Analysis. He says demand from customers may ultimately push the company toward third-party integration.
Juniper is also announcing that it has a version of its UAC client software that operates with the Microsoft Vista operating system. Previously, it worked with Windows XP and Windows 2000. Braunberg says this does not mean the network-access protection (NAP) client -- Microsoft's name for NAC -- that is built into Vista can substitute for Juniper's UAC client. So customers cannot avoid deploying a separate client if they use UAC.
The new UAC software supports automatically fixing shortcomings in Windows machines that are found out of compliance with the access policies UAC enforces. So if certain files are missing from the machines or certain processes are turned off, the Infranet Controller can fetch them or turn them on. Before, in all cases, if a machine failed its health check, the user had to manually update it.
Along with this, the software can find out more than before about the security posture of the endpoints it checks out. To do this, Juniper is incorporating Shavlik NetChk software in its platform to more thoroughly assess a wide variety of security patches.
All these new features come with UAC 2.1, which is available at the end of the month.
- +
Process Trip 04/02/2008 13:07:03
Why Maritz Travel revamped key business processes — and how business and IT came together to make it workWhen Rich Phillips became COO OF Maritz Travel about two and-a-half years ago, he sat down and took a hard look at the big industry picture - +
Strategies for Dealing With IT Complexity 24/12/2007 10:30:47
Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.Every innovation, every business process improvement, comes with an IT complexity tax that must be paid by CIOs in time, money and sweat. Here are strategies to mitigate the increasing complexity of IT as it enables new business.
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.
Discover how SOA can create smarter outcomes for your business.
Attend and learn:
- How SOA is helping leading companies to become more agile
- Where you should be applying SOA processes in your company
- The top SOA implementation mistakes to avoid
Click here for more information.
- +
Computerworld Live Podcast #97: The Future of Enterprise Networking 25/07/2008 09:45:36
This week CW Live chats with Mark Thompson, global sales and marketing manager for HP ProCurve, on the future of the enterprise networking. Mark discusses the trends we can expect to see in the near future and how the right infrastructure can ensure your enterprise network is secure. - +
Computerworld Live Podcast #96: Security at the Edge 11/06/2008 09:22:22
CW Live speaks with Amol Mitra, HP ProCurve Director of Marketing for Asia Pacific and Japan. Today's topic: how enterprises are starting to shift away from simply controlling security via server logins, firewalls and moving to more adaptive security frameworks. - +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future.
Orbis selects Telstra International as its data centre partner for the UK, Europe and Middle East Region 2008-12-02 11:23:00+11
ComOps Deploys Corporate Performance Reporting Solution For Healthcare Test Manufacturer 2008-12-02 10:09:00+11
Mornington Peninsula Shire implements Objective to manage knowledge and deliver service excellence 2008-12-02 09:56:00+11
Virtual magic: HR specialist throws out 40 servers, adds 8TB SAN and saves $100,000 for disaster recovery 2008-12-01 15:28:00+11
Sybiz adds up for SMEs in downturn 2008-12-01 14:27:00+11
The state of Middleware
Middleware delivers unprecedented visibility and control over your business by making timely information available to decision makers. Organisations are using Middleware to leverage their existing IT investments, while optimizing their IT and business operations, securing their infrastructure and driving compliance. Read on to discover how Middleware can help you increase your businesses profitability.
Buying Guides
Latest Products
Buying Guides
