In-Band NAC: Three Products You Should Know About
Rolling Review wraps up assessment of ConSentry's LANShield Controller, Nevis' LANenforcer, and Vernier's Edgewall.
ENJOY THE VIEW
Every security vendor wants to sell you a "compliance solution," and ConSentry, Nevis, and Vernier are no different. The location of in-band NAC appliances does give give them a unique view of the protocols, applications, and activities on your network. Depending on what data is gathered during a host assessment, even endpoint configuration can be reported on. Included reports may satisfy some compliance reporting, but you'll need to merge the data with other network stats to get an overall picture.
Reporting covers daily, weekly, or monthly roll-ups that give the big-picture view. Unfortunately, Vernier's roll-up reporting was nonexistent; we were limited to viewing real-time events and exporting data to external servers using syslog. While we don't expect full-blown log analysis in a NAC product, historical trending and automated reporting should be basic features. Both ConSentry and Nevis offered more in-depth reporting.
ConSentry's and Nevis' management products offered scheduled capabilities that could be used for long-term trending and reporting. ConSentry's report templates were more robust and configurable than Nevis'; in addition, Nevis had few report templates, and they relied on using Crystal Reports to build custom trend reports.
Where Nevis has an edge is in troubleshooting. We could easily discover and resolve connection issues using the tools Nevis provided, while ConSentry's offering took more effort. Vernier's troubleshooting tools left much to be desired.
In the end, no one product emerged as the Editor's Choice or as a Best Value. But both ConSentry's LANShield and Nevis' LANenforcer made our Short List. And the real winners are enterprise IT groups: In-band NAC vendors are in an arms race. ConSentry's newest version, shipping in the first quarter of 2008, should enhance an already strong product offering. Vernier does have some ground to make up on the policy and reporting fronts, but both ConSentry and Nevis could take a page from Vernier's playbook and beef up their host assessment functions. We'll be keeping an eye on this space.
THE REPORT: NAC Tutorial
Here's how to protect your networks from jmalicious and misconfigured hosts:
See all our reports at informationweekreports.com
About the Author
You May Also Like
2024 InformationWeek US IT Salary Report
Aug 15, 20242024 InformationWeek US IT Salary Report
May 29, 20242022 State of ITOps and SecOps
Jun 21, 2022