Identity Engines Delivers Platform for Network Ide?
So finally the company is out with the product. I have been hearing about this company for some time now. Any way seems like these guys are catering to the requirement of companies that want to control access to their network in much secured fashion. Most of these guys have need to perform the following functions
- Sequestering the machine hooked to the environment unless validated (so it may not even be able to get a IP via dhcp)
- the laptop would be checked for latest version of firewall, antivirus with the latest updates.
- The user would need to authenticate to ensure that it gets access to the network.
- (Not seen a lot though) if the user tries to access an application this access needs to be managed.
- Auditing all these events with additional information for monitoring and analysis.
- sequesting of machine - this is a tough nut to crack but I think combining with user authentication at switch level can achieve the same result.
- user authentication - which is provided by most of the managed switches through support of 802.1x and RADIUS (I will be implementing something in next few days for my company and will have more to write about it at that time)
- Application access control - I am not clear what is the mechanism implemented with regards to mapping the identity to a machine after machine has been authenticated. If it uses the IP address or mac address, then theoretically the battle is lost since these can be spoofed. So, would really be looking forward to get information on this.
- Security Compliance - I did not see feature support for making sure machine is compliant before allowing it on network.
Comments