RSA Conference gets the NAC

The vision of a more visibly secure and regulatory-compliant enterprise will be on prominent display this week at the RSA Conference 2006 in San Jose, Calif. In addition to providing a soapbox for high-caliber keynoters including Microsoft’s Bill Gates, Cisco’s John Chambers, and Symantec’s John Thompson, this year’s show will serve as the venue for product announcements ranging from policy enforcement to event management.

Topping the list will be a flurry of announcements regarding NAC (network access control). The NAC buzz will be fueled by McAfee, Symantec, and 3Com’s TippingPoint, all of which will be rolling out new NAC offerings.

McAfee enters the NAC arena with a policy enforcement module for ePO (ePolicy Orchestrator). Taking its instructions from ePO, McAfee Policy Enforcer ensures that client systems meet security configuration requirements and receive a clean bill of health before entering the network. An interesting twist: The solution can assess unmanaged systems using integrated Foundstone technology.

Symantec’s Network Access Control Enforcer appliances -- the first fruits of the company’s Sygate acquisition -- not only wrap the Sygate software in hardware with yellow labels, but also extend the enforcement options to DHCP and beef up the malware defenses of the on-demand agent.

TippingPoint’s new agentless NAC solution, TippingPoint Quarantine Protection, uses the company’s intrusion prevention appliance to identify infected systems and block or redirect them to a remediation Web page. This system can also work with switches and network management systems to control access.

Security management will also get plenty of attention at RSA. Emphasizing the need for tighter integration between security and network management, Cisco will unveil the Cisco Security Management Suite, which couples a revamped Cisco Security Manager and Cisco Security MARS (Monitoring, Analysis, and Report System). The new integration aims to make it easier to coordinate changes to the network to mitigate attacks.

Network Intelligence will introduce an analytics tool for its SIM (security information management) appliance that allows users to visualize log data from multiple sources in real time. Competitor e-Security will unveil a SIM appliance for midsize organizations, and NetIQ will introduce a security management solution for Cisco VoIP that combines its AppManager and Security Manager offerings.

In other corners of the RSA show floor, Internet Security Systems will roll out a network anomaly detection system that analyzes flow data from switches and routers; Vontu will show a new edition of its “data loss prevention” platform, which extends monitoring and blocking to SSL streams and automated policy enforcement to data at rest; and identity management vendors HP and Novell will be rolling out auditing and reporting packages aimed at soothing compliance pains. Security and compliance are still good friends.