Symantec NAC Tool Takes Integrated Approach to Network Security

Moving its integrated security and risk management strategy a step further, anti-virus market leader Symantec debuts its maiden NAC system to help businesses restrict access to their networks.

SAN FRANCISCO—Security software market leader Symantec introduced its first network access control package here at the ongoing RSA Conference on Feb. 7, jumping into the expanding device authentication and security remediation arena established by networking giant Cisco Systems.

Labeled as Symantec Network Access Control, or SNAC, the product boasts a range of features and support for various computing platforms—including Ciscos and Microsofts versions of the technology—with officials of the Cupertino, Calif., company pitching the package as a vital new piece of its overarching corporate risk management strategy.

That effort, launched in October 2006, evangelizes the use of integrated products for solving both security and regulatory compliance issues for businesses, versus the use of stand-alone technologies from multiple vendors to solve various problems.

NAC systems are increasingly being adopted by organizations to verify the security posture of devices as they attempt to log onto IT networks.

While Cisco and other networking companies were the first to begin marketing the tools, primarily as a feature on their switches, a wide range of vendors from stand-alone startups to enterprise security giants such as Symantec are trying to grab a piece of the market.

/zimages/4/28571.gifCisco believes its NAC technology will continue to lead the market for years to come. Click here to read more.

Due in March, the SNAC system will be based around so-called agentless endpoint enforcement, meaning that there is no full-time software client installed on end users PCs. Among the other features detailed thus far by Symantec are support for Apples Mac OS X operating system—as well as Microsofts Windows—and integration with the 802.1x industry standard for network authentication.

One of the primary benefits of the Symantec product is its agentless, or "dissolvable," software client approach. With so many security products already residing on enterprise desktops, keeping the NAC systems impact on performance and memory to a minimum—and having more control over the application through its centralized distribution to endpoints—is a key differentiator, according to company officials.

Like other NAC products with so-called post-admission capabilities, the SNAC system claims pervasive coverage, keeping tabs on users and machines for potential misuse even after they have been approved for access to a corporate network.

The new package was developed through internal development and using the technologies brought onboard via Symantecs August 2005 buyout of Sygate. Just exactly what plans Symantec had for Sygates technology has been a topic of debate among industry watchers since the security giant announced the deal.

"We feel that Sygate gives us one of the most developed solutions on the market as they have essentially been doing NAC since 2001, long before we even talked about this type of product using that term," said Patrick Wheeler, senior product manager for endpoint security at Symantec. "We felt it was important to provide not only policy enforcement and host configuration security, but also to offer pervasive endpoint enforcement on any type of networking equipment our customers use."

One of the frequent criticisms launched at Cisco over its NAC technologies is that they are focused mainly on the vendors own networking hardware. Like many other NAC vendors that dont make their own networking gear, Symantec is touting its more agnostic approach as a major selling point to enterprises that maintain heterogeneous environments.

By providing a combination of security scanning tools—some of which have the ability to test the security of devices such as printers that have been cited as potential weak points in NAC systems when left open to attacks that spoof the machines identities to evade authentication—Symantec believes it can separate itself from the pack by delivering a more comprehensive approach to the technology.

/zimages/4/28571.gif2007 will see greater need for tight access control. Click here to read eWEEK Labs analysis.

"The idea is to avoid having any gaps in visibility, and you need to make sure that you can assess everything on your network for compliance policies, even these other types of non-PC devices," Wheeler said. "We feel its a major advantage to be vendor-agnostic from a networking standpoint. While just as we would love for the world to be all Symantec for security, its particularly important for customers to be able to provide protection over multiple platforms, and there are some major vendors out there who cant make that claim."

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.