Senforce Adds Intelligent Network Access Control To Endpoint Security Product Line

By | March 7, 2006

Senforce Technologies Inc., the leader in location-aware endpoint security enforcement, today launched Senforce intelligent Network Access Control (iNAC). An exciting extension of its award-winning endpoint security products, Senforce iNAC adds critical network protections that ensure all PCs are policy-compliant and threat-free before they can obtain access to the network. This announcement marks the first and only complete, centrally managed solution integrating proven endpoint and wireless security with network access control.

Joel Garr, IT manager of Ogden, UT-based Utah Digestive Health Institute, said: “A complete enterprise security solution should address two things: protecting desktop and mobile endpoint PCs from compromise; and protecting the networking infrastructure from potentially-compromised PCs.” He added: “Network access control is important technology, but is by itself only a partial solution. A truly unified approach needs to combine endpoint security and network access control to be effective. Used in combination with Senforce endpoint security technology, Senforce iNAC will give us this complete, unified solution.”

Senforce Endpoint Security Suite (ESS) and Senforce iNAC provide just such a two-prong approach. Senforce’s Endpoint Security Suite (ESS) provides policy-enforced endpoint protection for all desktop, mobile and wireless PCs. Agent-based ESS protects enterprise PCs with inward-facing endpoint integrity, advanced firewall, virtual private network (VPN) enforcement, Wi-Fi connectivity control, and local data storage protection for control of small storage devices like USB thumb drives and others. Patent-pending location-aware technology in ESS provides 24×7 protection wherever endpoints are, whether connected or not. Senforce iNAC now provides outward-facing endpoint security, focused on protecting the networked perimeter, and keeping the infrastructure safe from potential threats posed by endpoint PCs seeking access. Senforce is now marrying these together seamlessly, creating one single, elegant and highly comprehensive security solution that addresses the full range of user types (trusted and untrusted, foreign and internal, remote, and wireless endpoints).

Senforce iNAC ensures that endpoint devices are free from threats and in compliance with IT security policies before they are allowed on the network. It compares the security state of a device that is attempting to connect to a network to a set of policy attributes that define what security conditions must be met to allow network access. IT administrators can create access policies that (1) define which applications and services are permitted, and (2) specify actions to take when endpoint PCs don’t comply. Then, Senforce iNAC automatically applies access policies to these endpoints as they connect to the enterprise network.

Multiple testing and enforcement options are available for heterogeneous network environments for: Dynamic Host Configuration Protocol (DHCP) enforcement, 802.1X enforcement, Cisco NAC architecture enforcement, iNAC inline device enforcement, Endpoint enforcement (through Senforce ESS integration).

Senforce iNAC provides the security-minded enterprise with a scalable architecture and scalable price model to provide superior network access control and protection, giving control over non-corporate-owned, unmanaged, and foreign endpoints. Partners, contractors and guests no longer pose a security risk when they access the enterprise network—this is one of Senforce iNAC’s most significant benefits.

Key Senforce iNAC features include: • Network Access Control Policies: Senforce iNAC deployments are controlled by a set of access policies defined and stored within a policy server. Access policies consist of individual tests that evaluate the security posture of endpoint devices including desktop and notebook PCs, PDAs, etc.

• Endpoint Baseline Testing: The goal of testing a system´s baseline is to determine its security state so that a decision can be made about its network access level. Senforce iNAC automatically tests all devices attempting to access the network through LAN, RAS, VPN, or Wi-Fi connections.

• Access Control Enforcement: Senforce access control technology enforces an endpoint´s network access state. Devices testing compliant are granted access. Non-compliant devices are either quarantined or are given a grace period of access.

• Remediation: The Senforce iNAC solution includes automated or self-service remediation of the security flaws that are discovered during the baseline phase.

• Reporting: As vulnerabilities and attacks evolve, it is critical that administrators have real-time information available to them. Senforce iNAC provides continuous and accurate reporting information back to those responsible for making network and endpoint security decisions.

“In a noisy marketplace struggling to deliver cohesive endpoint security to the enterprise, Senforce delivers a unified approach that protects enterprise endpoint PCs from vulnerabilities, and protects the enterprise network from vulnerable endpoint PCs,” said Charles Kolodgy, director of Security Products at IDC. “This inside-out/outside-in approach to endpoint security integrating endpoint protection and network access control technologies extends security policy management to all endpoint types.”

“Senforce has a solid track record in delivering ‘inside-out’ endpoint security protection for the enterprise,” said Nolan Rosen, vice president of Marketing and Business Development, Senforce. “New Senforce iNAC with its ‘outside-in’ network access control protection joins with Senforce ESS for unified enterprise protection for all endpoints. Any devices interacting with the enterprise network—including those with ESS installed, and now those without—such as those used by guests, suppliers, or contractors need no enforcement agent on their PCs. Senforce iNAC also protects enterprise networks from hackers, intruders and opportunists probing the network edge with the possible intent of doing harm.”

Leave a Reply