Insightix Revamps NAC Software

 
 
By Matt Hines  |  Posted 2006-11-28
 
 
 
Network security software maker Insightix released the latest version of its NAC package on Nov. 28, adding new features for managing remote users access to IT systems, along with expanded remediation tools and administrative capabilities.

Dubbed Insightix NAC 3.0, the updated network access control software promises to give enterprises even greater ability to check the security status of devices attempting to log onto their networks, and to do so using existing infrastructure.

The ability to create a NAC security system using legacy switches and networking gear is one of the firms primary differentiators in going to market against Cisco Systems, which is one of the largest firms pushing adoption of its own Network Admission Control technology in the name of helping to reduce external intrusions.

Among the additions in Insightix NAC 3.0 is the Quarantine Silo feature, which promises to help further ensure that even devices pre-authorized by the system are not granted access to additional network elements until sophisticated checks for compliance with security policies are completed.

Click here to read more about agentless network discovery from Insightix.

Some NAC systems allow partial network entry to such devices, which allows unauthorized users to dupe security systems, according to Ofir Arkin, chief technology officer of Insightix, based in Raanana, Israel.

The Quarantine Silo function, on the other hand, promises to require devices to be amended with any necessary security updates before being given access to other network assets. Arkin has become a recognized expert in the area of NAC security, presenting on the subject to attendees of this years Black Hat security conference held in August in Las Vegas.

Insightix has filed for a software patent to secure its control of the NAC quarantine technology, as the company contends that its products ability to completely wall off access to wider IT networks, while still allowing users to connect and have their devices updated to gain security approval, remains unique. The system works without requiring any software agent on an endpoint device, and without directly contacting switches, another potential security shortcoming in other products, Arkin said.

"Its very important to block access to everything, even local subnets, as someone could potentially use those network assets to work around other types of NAC systems," Arkin said. "If someone is able to gather any sort of additional information about your network, or gain some wider level of access, theres a good chance that they can use that to circumvent the NAC system altogether and get into your corporate environment."

In addition to allowing use with existing networking technologies, Insightix said the agent-free system also speeds deployment of the software, which the company claims can be completed in only a matter of hours since it does not require updates to individual PCs or servers.

Building an Integrated IT Security Strategy for 2007: eSeminars invites you to join this virtual tradeshow on November 30, and learn how to reduce security costs and mitigate the risks associated with users and their access rights across your entire organization. Click here to read more.

Among the other features touted by Insightix in Version 3.0 are significant upgrades to the softwares policy engine, which is used for defining the security compliance checks that are performed on devices as they attempt to connect to a network.

The latest set of compliance checks includes support for all Windows-based operating systems, including verification of the Microsoft operating systems service pack level, security patches and status of anti-virus software.

"The biggest differentiator that we have is that you can deploy NAC and still live with what you have in terms of networking infrastructure," Arkin said. "Its extremely important for those companies who cant or dont want to replace their existing systems to be able to install NAC today; and at the end of the day, even if you deploy Cisco and invest thousands of dollars on new equipment, you still wont be able to identify all of the devices on your network using their technology, and we feel thats a huge missing piece present in a lot of the rival technologies out there."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at Ryan Naraines eWEEK Security Watch blog.

Rocket Fuel