Enterasys, McAfee, Symantec, and Trend Micro tackle our user access control scenarios
Our test infrastructure for the NAC reviews included an edge switch for the client systems, a core switch with server VLANs for the common and secured servers, and a RADIUS server for authentication. Client systems connected into the edge switch, authenticated as defined for the specific scenarios, then accessed (or attempted to access) the various areas of the network: Internet, enterprise, and limited access. We created additional policy networks for remediation and scanning as well.
For the tests, we created policies for each of the following user scenarios when possible: guest users, authenticated guest users, enterprise users, enterprise users with special access, and guest or enterprise systems with policy violations.
For some of the products, not all of the user scenarios applied, so we created scenarios that made sense for each product and made note of the distinctions. In most cases, we used VLAN assignment to move devices into the appropriate policy. In the case of the Enterasys solution, we chose the better option of using port-based policies.
In the end, we discovered that all four systems worked as advertised. The important differences in capabilities and limitations we found were mainly the result of the different approaches these vendors have taken to policy-based access control.
The test results outlined any policies that the system is not designed to enforce and success in those that it can enforce. Key criteria for evaluation were manageability, policy enforcement, scalability, reporting, setup, and value. All of these products show that the NAC marketplace is maturing, the products are improving, and there is still room for innovation.
You may be better off sticking with Win7 or Win8.1, given a wide range of Win10 trade-offs and...
An obscure case involving dental aligners could have huge implications for the free flow of data across...
With Windows 10 out and betas careening off the edges, here’s what you can get and what you should...
There's no 5G technology, no 5G standard, no agreement on what 5G means, and thus, nothing to plan for ...
Credentials are the main battlefront in our ongoing computer security war. Deploy everything you have...
Amazon’s SDKs and back-end services provide everything you need to build cloud applications for...
According to Foote Partners, IT job growth in January 2016 was the worst in nearly a year and a half,...