Magic Quadrant for Network Access Control.pdf - WIT

More documents

Recommendations

Info

Magic Quadrant for Network Access Control http://www.gartner.com/technology/media-products/reprints/j... 16 of 18 19/8/2553 15:31 technology, which has enabled it to cost-effectively integrate basic IPS capabilities in the LAN. Organizations that need the benefits of an in-line approach to NAC and can accept dealing with a geographically remote support organization should consider Nevis. Organizations that are located in India or China should consider Nevis. Return to Top Strengths Nevis' in-line positioning enables it to enforce granular user-based policies by dropping and filtering packets — a flexible approach to adding identity awareness to the network. The IPS capabilities in the LANenforcer products enable strong post-connect NAC functionality, using both signature and anomaly-based detection. LANenforcers provide application detection and control capability for applications that companies typically seek to limit, including instant messaging and other peer-to-peer applications, as well as gaming and streaming audio/video applications. Return to Top Cautions Outside of India and China, Nevis has a small presence and low market visibility. The requirement to deploy appliances in-line can be expensive, particularly in network topologies where the Nevis appliances are only partially used (for example, if many ports are left unused). Often, it is not cost-effective to deploy Nevis appliances in small remote offices or to enforce NAC in VPNs. Despite its increased market penetration in India and China, Nevis will be challenged to sell its LAN switches and NAC appliances against established network infrastructure vendors, such as Cisco, HP and Juniper. Return to Top Sophos In May 2010, Apax Partners, a private equity firm, announced plans to acquire 70% of Sophos. The deal gives Sophos additional financial backing, and should have limited impact on Sophos customers in 2010. Sophos offers two NAC solutions (both are based on technology from its 2007 acquisition of Endforce). Sophos' EPP suite, Endpoint Security and Control, provides basic NAC policy, reporting and enforcement capabilities. Sophos' NAC Advanced solution, which requires a separate agent and management console, provides more-advanced features, such as custom policy creation, stronger reporting capabilities and more enforcement options (including support for 802.1X). Sophos' NAC solutions are a reasonable choice for Sophos customers. Larger customers, with more-sophisticated needs, should evaluate the NAC Advanced solution. Return to Top Strengths Basic NAC functions are embedded (at no extra charge) in Sophos' Endpoint Security and Control suite, although this version does not support VPN environments (the NAC Advanced Solution is required for VPNs). The Sophos policy server acts as a RADIUS proxy and provides very flexible and granular support (for example, configuring vendor-specific attributes and subattributes) for interoperating with policy enforcement points. Return to Top Cautions Sophos is behind its major EPP suite competitors (McAfee and Symantec) in delivering an integrated NAC and EPP solution. Its NAC Advanced solution still requires a separate agent and management console, whereas Symantec and McAfee offer integrated NAC agents with their EPP solutions. Although Sophos has made progress in selling to larger accounts, the majority of its client base are SMB customers and are less likely to adopt its enterprise-class Advanced NAC offering.
Magic Quadrant for Network Access Control http://www.gartner.com/technology/media-products/reprints/j... 17 of 18 19/8/2553 15:31 Customer references said that Sophos' reporting capabilities are cumbersome and that its management dashboard does not provide enough drill-down troubleshooting capabilities. Return to Top StillSecure StillSecure sells IPS, NAC and vulnerability management products. In 2009, StillSecure acquired ProtectPoint, a small managed security service provider, to enter the security services business, but it does not offer managed NAC services. The StillSecure Safe Access NAC product offers a full-time agent, a dissolvable agent and an agentless assessment option. StillSecure has licensed its technology to network infrastructure vendors Extreme Networks, HP and Novell. Safe Access should be considered in NAC deployments where heterogeneous networks are in use and where organizations want the flexibility of agent or agentless baselining options. Return to Top Strengths Safe Access supports a broad range of endpoint baselining and enforcement methods. StillSecure Safe Access has received Common Criteria certification, which simplifies procurement for defense and government agencies. References consistently quote the quality of StillSecure's technical support and Safe Access integration with LAN switches as leading reasons for selecting Safe Access. Return to Top Cautions Safe Access has limited support for advanced guest network management functions. These features are on StillSecure's road map for 2010. As a relatively small security vendor, StillSecure's resources are spread across three product areas and the new management security services initiative. Return to Top Symantec Symantec's Network Access Control product consists of NAC agent capabilities integrated into Symantec's Endpoint Protection software, managed by the same Symantec Endpoint Protection manager. Like other EPP vendors, Symantec's strength in NAC is largely based on the capabilities of its Endpoint Protect agent, but it also supports a dissolvable agent and an agentless approach with an optional scanner. In 2010, Symantec acquired Gideon Technologies, and Symantec intends to integrate Gideon's SecureFusion vulnerability scanning into Symantec NAC by year-end 2010. Symantec also offers a Symantec NAC "Starter Edition" that does not offer 802.1X or DHCP enforcement. Symantec lost points in vision and moved into the Challengers quadrant, mainly because its support for the guest network use case remains weak. Symantec NAC should be considered when Symantec is the incumbent desktop EPP vendor. Return to Top Strengths Symantec's share in the EPP market enables it to aggressively price NAC as an integrated capability. Where Symantec's Altiris desktop management product is also in use, Symantec has a very strong story for remediating noncompliant endpoints. Symantec's dissolvable agent and in-line VPN enforcement capabilities are given strong marks by references. Symantec's NAC status display is effective and provides a strong capability for rapid drill-down into endpoint status. Return to Top
Page 1 and 2: Magic Quadrant for Network Access C
Page 15: Magic Quadrant for Network Access C

Magic Quadrant for Network Access Control.pdf - WIT

Create successful ePaper yourself

Delete template?

Save as template?