Black Box Veri-NAC Appliance
Strengths: Full dynamic access control and auditing of network devices.
Weaknesses: None that we found.
Verdict: A solid suite of hardcore NAC products with a clear focus on keeping unauthorized systems and users off the network. We give Veri-NAC our Recommended this month.
SummaryThe Black Box Veri-NAC appliance provides agentless detection, alerting and blocking of attacks against a variety of network devices, including managed switches, VoIP phone ports, insecure wireless routers, as well as protecting against IP and Media Access Control (MAC) spoofing by the use of trust lists. The Veri-NAC uses a Dynamic Detection System, which continually monitors for new devices on the network and automatically audits them for vulnerabilities.
Setting up the appliance is almost plug-and-play. When the appliance is plugged into the network, it can grab an IP address via dynamic host configuration protocol (DHCP) or the address can be configured manually by attaching a monitor and keyboard to the appliance itself. After the IP has been assigned, all further configuration is done through the web GUI. Once we logged into the GUI, we ran the asset discovery tool, set up the alerts and turned on and configured the Dynamic Detection System.
Black Box offers various versions of the Veri-NAC, each designed for specific environments. The smallest version can protect one subnet and up to 20 devices, and the largest version can manage up to eight subnets and unlimited devices. The larger appliances also include Command Center functionality, which allows an administrator to remotely manage other Veri-NAC appliances across the network.
Documentation included a paper user guide, as well as a password sheet and full documentation CD.
Black Box offers full phone and email support 24/7/365 at no additional cost. Customers can also access an expansive online resource center.
At a price just shy of $1,500 for the smallest appliance, we find this tool to be a good value for the money. The Veri-NAC appliance provides full dynamic agentless control and vulnerability auditing of all network devices.