Once they're in place, the policies are enforced as expected, with all scenarios tested successfully.
One challenge, however, is the device-based focus on InSight. Policies are pushed to the devices, so you can manage all of your devices at once, but the devices do not respond together to changes in the network, such as the blocking of a specific device or user on the basis of an alert from an IPS. This may be a limitation for larger installations and dynamic environments that require a tighter feedback loop.
Rich reporting options
Put simply, ConSentry has nailed reporting for policy-based networking. Its extensive and comprehensive reports and customizable dashboard present a benchmark for reporting. It is clear at a glance what is happening on the network, how many of what states of devices are connected to the network, what users are doing, and so on. The reporting interface is a clear Web-based graphical system that brings to mind the best of the business metrics management systems available today.
Pre-defined reports provide a broad range of options for addressing compliance, auditing, and other requirements. Using the available reports, it is simple to customize a reporting environment to suit even the most complex requirements.
We were able to quickly create a dashboard containing a set of metrics that were of interest to us, and the array of possible reports is comfortingly large.
The most recent release of LANShield OS (3.2) includes a number of enhancements to the reporting, including a more detailed view of users' activities. Using these reports, administrators can review network traffic for individual users and groups, as well as correlate applications to their users. This can be particularly helpful in corporate policy making and enforcement.
ConSentry provides a comprehensive set of products that allows for a heterogeneous installation of edge and core components to provide a logical migration for a typical non-greenfield environment. Using the LANShield Switches at the edge as additional or replacement switches and the LANShield Controller to manage traffic from existing edge systems, enterprises will find a solid approach with ConSentry's offerings.
Due to the broad range of offerings, a ConSentry solution can be effective for midsize companies to large enterprises. The most comprehensive implementations will include replacement of edge switches in the most susceptible areas of the network. ConSentry's special strength is in reporting and information presentation, offering a best-of-breed dashboard for policy-based networking that other vendors would do well to emulate.