When you can't trust the end point
TRENDS & TECHNOLOGIES that affect the way government does IT
- By Brad Grimes
- Mar 29, 2006
Keep out: Senforce just launched a flexible network access control platform.
Senforce Technologies Inc. of Draper, Utah, develops end-point security software focused on laptop and tablet PCs running Windows 2000 and XP. The company's Endpoint Security Suite is FIPS 140-2- and Common Criteria EAL 4-certified, and it comes with a driver-level firewall, VPN enforcement module and other features. As you'd expect, this level of security requires client software, which not every mobile system will have.
'About a year ago, our customers asked us to complement that with something that would address an agentless environment, or one where you could not have agents, such as in a contractor or guest environment,' said Nolan Rosen, the company's vice president of business development.
So last month, the company came out with its Intelligent Network Access Control, which tests mobile systems when they try and connect to a network to ensure they have policy-mandated patches, security software, etc. in place. If not, iNAC can quarantine the system, allow it limited access or offer it the chance to fix its problems.
The Senforce iNAC would work best in conjunction with the company's ESS, Rosen said, to create a more complete mobile security solution (although the fact that ESS doesn't work yet on handhelds is a chink in the armor'a chink the iNAC could fix). But iNAC can integrate with your infrastructure in various ways, including through proprietary Cisco NAC components. It also works with 802.1X-compliant switches or through Dynamic Host Configuration Protocol enforcement. It can also operate inline, if scalability isn't an issue for your office. According to Tim Cranny, Senforce's senior security architect, 'In a typical modern organization, you'll need a few of these options.'