NAC, VPNs and behavior analysis in the Interop spotlight

Security attacks on enterprises are on the rise, and this week's Interop New York provided a venue for products that address network managers' protection concerns.

Network behavior analysis (NBA) company Mazu Networks was among the companies announcing new products and upgrades to existing wares. The company upgraded its Mazu Profiler system, which it claims will lead to increased intelligence about network users, their activity and the critical business systems they use. Version 7.0 of the NBA system provides network managers with application, user and route-path identification, as well as two-way integration at the management layer, which the company claims creates more intelligent and actionable alerts.

Like many of the products announced at Interop, Mazu's rollout helps network professionals with purchasing decisions by giving insight into trends and emerging technologies.

"True to the threat protection space, Mazu is trying to provide network administrators with deeper levels of information on users' behavior in order to better combat unknown threats," said Charlotte Dunlap, analyst, security information, with Current Analysis. "Mazu's move to integrate with users' core technologies, including network and security management products, will help in the adoption of this emerging market.''

According to Mazu, the aim of the upgraded features is to give enterprises increased intelligence about network users, their activity and the critical business systems they are using.

Three new pieces of technology are responsible for the added functionality: application profiling, which provides deeper insight through Layer 7 analysis of the applications being used, independent of port number; user ID identification, which links risks and threats to specific users; and route path identification, which provides information on how people and applications use the network to communicate.

Network access control (NAC) is a hot topic, so -- not surprisingly -- products in this category made the news this week. StillSecure announced version 5.0 of its Safe Access v5.0 NAC system, which lets enterprises safeguard the inside of the network, as well as the perimeter. Safe Access 5.0 uses a single-pane-of-glass management into NAC through a centralized management console that consolidates all policy management, endpoint testing and enforcement activities.

The system also uses Enforcement Server clustering for accommodating thousands of users scattered among disparate locations, and it provides multi-user, role-based access. Safe Access 5.0 supports heterogeneous environments and a variety of endpoint connections, including LAN, remote, contract, visitors and wireless.

The new version also includes a new user interface targeting installations ranging from single sites to large enterprise-class networks.

Adding to the NAC mix, Mistletoe Technologies Inc. -- maker of a security system-on-a-chip (SoC) that features virtual private network (VPN), firewall, and Denial of Service (DoS) prevention applications loaded in silicon -- announced a new VPN appliance from an OEM partner.

IT connectivity product maker freedom9 launched a VPN appliance based on Mistletoe's RDX technology. The company's freeGuard Blaze 2100 is an eight-port Gigabit Ethernet Firewall/VPN appliance that provides 2 Gbps firewall protection and 2 Gbps 3DES/AES VPN throughput.

According to freedom9, the NAC addresses security concerns on the perimeter, as well as threats to the internal network, and integrates comprehensive DoS and Distributed DoS protection to fend off crippling attacks on VPN/firewall appliances. The company gears its products toward academic environments and claims that the appliance's low power consumption, active/passive high-availability features, and multivendor interoperability help simplify integration into existing networks.

Also on deck for NAC announcements was AEP Networks, which introduced its AEP NACpoint system. The product authenticates users requesting LAN access and performs a node posture validation scan of clients, meaning that it confirms that a machine is current on patches and anti-virus and spyware signatures. It then places offending clients in quarantine and enables remediation.

An NAC move by AEP expands the company's policy-based network protection from gateway application access to core LAN, so their lineup now covers network admission control, identity management and application assurance.

Addressing still other areas of enterprise security concern, Network Instruments integrated a new line of 10 GbE monitoring appliances in its Observer line of analyzers, probes and portable analyzer solutions.

The additional functionality gives network managers real-time analysis, monitoring and reporting of full-duplex 10 GbE across the network. The technology monitors and manages 10 GbE networks with more than 30 real-time statistics, sets alarms to proactively notify network managers about potential problems, and gathers long-term trending and reporting.

Meanwhile, Wave Systems Corp. and Network Chemistry Inc. each announced new security systems. Wave Systems announced two new IT security products. EMBASSY Network Access Control is designed to leverage existing network infrastructure and open industry standards for IT control over which PC clients can be used to access a network, locking out unauthorized machines. EMBASSY Endpoint Enforcer is an open, standards-based solution designed to work with many network access control solutions.

Wireless security vendor Network Chemistry Inc. introduced an upgrade to RFprotect Distributed for securing facilities and endpoints against wireless threats. The new version provides enterprises with an updated user interface and an easier-to-administer Web-based dashboard.