College NAC Specialist Goes Enterprise

After protecting college networks from security threats for years, Bradford believes it has a great story, and technology, to sell into the enterprise NAC market.

Security software maker Bradford Networks is stepping away from its history as a specialist providing network access control tools to colleges and universities and launching a new product line designed specifically for enterprise businesses.

On Jan. 24, Concord, N.H.-based Bradford introduced its NAC Director appliance, which promises to help large, distributed companies manage network authentication and security remediation to help prevent virus outbreaks and IT systems intrusions.

Like other network access control products, NAC Director offers to test devices as they attempt to log onto a network and ensure that the machines are compliant with all of an organizations security policies. Common queries carried out by such systems look to make sure that a device has the latest version of its anti-virus applications, and that the machine isnt trying to log on from suspicious IP addresses that might signify some form of attack.

The Bradford appliance specifically aims to allow companies to manage access for any type of network connection, including devices attaching via wired, wireless, or virtual private network systems, and also claims the ability to integrate with network infrastructure products marketed by a wide range of other vendors.

By comparison, Cisco Systems, largely credited with inventing the NAC space, is often criticized by its rivals for its products preference to be integrated with its own software, routers and switches.

Among the features touted by Bradford in the new NAC appliance is a seven-point device identity matching system that the company contends will prevent sophisticated efforts to dupe the technology into allowing unauthorized access.

The company is pitching NAC Director directly at the health care, finance and government sectors, which are known to be actively looking for tools to help meet the requirements of federal data-handling regulations, with Bradford touting the products ability to support up to hundreds of thousands of users.

Unlike many other software vendors trying to push their products into the enterprise NAC space, Bradford has a unique history that it is using to market itself to large businesses. Over the past four years, the company has sold a product known as Campus Manager NAC to a wide range of colleges and universities, including massive schools such as the University of Tennessee, that have helped those organizations authenticate end users devices and protect their networks.

Much as businesses are struggling to defend their IT systems as their operations become more distributed and they are forced to allow greater numbers of unfamiliar computers, used by remote workers, contractors and customers, to connect to their networks, colleges have been battling with similar problems for years.

Most college students use their own devices, not school-issued PCs, to log onto college networks, making it harder to enforce uniform security policies, Bradford officials said.

Click here to read more about NAC systems. And given the computing habits of college students, including the amateur hacking experiments known to be carried out by many burgeoning undergrad software developers and IT specialists, the range of threats that schools must deal with includes the entire range of attacks, according to the company.

By comparison, helping businesses that control many of their own devices and actively communicate strict security policies to end users could be considered less daunting, said Rick Leclerc, vice president of business development at Bradford.

"We found we were already getting discovered by enterprises without trying to move over there, as their environments are becoming very de-centralized, much like it has been for colleges for some time," Leclerc said. "Enterprises are dealing with lots of third parties, wireless, outsourcing providers and consultants, and they have increasing pressure from regulatory agencies to tighten, document and prove polices to protect data and improve security; these factors are making these enterprise more like the Wild West environment we already know about from the college space."

Bradfords largest current installation covers 30,000 seats, and the company estimates that it already authenticates roughly 1 million end user accounts for its customers.

NAC Director is priced starting at $6,495 and will be made generally available in March 2007.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.