NAC, juiced up

Share this article:
NAC, juiced up
NAC, juiced up

The appliance is about the size of a three-inch thick iPad. But inside the NetClarity NACWall Nano is more than enough power for a full 1U rack-mounted piece of hardware. This is NAC on steroids, sized and priced for small and midsize businesses (SMBs).

We connected the network, hooked up a screen and keyboard, and plugged the tool into the wall. We then pushed the blue power button and within seconds got a message on the screen that said it was ready to configure. There are 13 steps to this process, according to the excellent quick-start manual, and the last one is, “Congratulations! You have completed the initial operational deployment.”

This little powerhouse sports a lot of useful NAC-ish features: auditing, malware detection, VLAN support, Active Directory integration, smart switch integration and vulnerability management, just to name some of the big ones. Of course, it offers the usual device authentication, as well as machine tracking, so that rogue devices are kept off of the network, and we're notified if non-compliant devices are found, or they are simply blocked.

Once we had the box up and running – 12 steps really – we adjusted its clock, switched from our DHCP addressing to a static address (and back, just to see if we could), discovered all of the devices on our network, and updated the service pack, anti-malware software and CVE tests. Now, it will update itself about every three to five hours – as long as it is connected to the internet.

We were impressed with its ease of use. Network asset discovery, for example, was a one-click effort. We did change the subnet mask, but that was because we wanted to see if it would try to find what wasn't there (our test network is only a class C). It didn't.

The Nano is capable of sending alerts just about anywhere one wants. We chose email, and that worked fine. The other thing it can do is fit nicely into a distributed NACWall environment. A NACWall Enterprise device – bigger than the cigar-box-size Nano – can manage a whole group of Nanos. So, that means that even though the first reaction is that the Nano is for SMBs, it also is ideal for branch offices.

The Nano is managed via a web interface – using the protected https://, of course – and it routinely calls back to the mothership for updates. This device is about as easy to administer as it gets. It is just the ticket for the level of business for which it is intended. SMBs and branch offices can manage this tool with limited resources.

The desktop and administration menus are simple, straightforward, comprehensive and clean. There is absolutely no clutter in the menus, screens or logs. Audits are straightforward and build on the years of experience that this device demonstrates as its legacy. A big piece of that legacy is its agentless deployment. For large enterprises with many branches, that is a big plus.

Pricing starts at less than $1,500 and the tool comes in two sizes. We like this product – we have enjoyed its larger siblings for years – and it is clear that this device has a solid place in today's enterprises, large and small.


At a glance
Product: NACWall Nano
Company: NetClarity
Price: Starts at $1,495 and is available in two sizes: the Nano-25 and the Nano-100.
What it does: NAC on steroids in a tiny SMB-sized package.
What we liked: So much to like about this one that it's tough to separate out the best bits. If forced to, though, we would point to price-performance in a very small footprint.
What we didn't like: Nothing. This carries on the NetClarity legacy of first-rate products built with savvy and creative technology.

Share this article:

Sign up to our newsletters

More in First Looks

AhnLab's MDS: A comprehensive approach to malware management

AhnLab's MDS: A comprehensive approach to malware management

AhnLab refers to its product - MDS - as a malware defense system. I, however, think of it more as a malware management system.

Covering all the SAP bases

Covering all the SAP bases

X1 is an agentless SAP auditing tool that is able to map out entire SAP landscapes and display any insecure configurations on the individual elements of the landscape.

Digital forensic incident response in a box

Digital forensic incident response in a box

CIRT from AccessData Group is a full lifecycle forensic tool - from detecting to analyzing to remediating - and it's all in a single package.