Black Box Veri-NAC
Black Box Corporation
SummaryThis is a product that solves a very important problem - network access management - in an inexpensive and simple manner. The thing that's most intriguing about this one - a current product line - is that it is about as simple a NAC as you can find. It very nearly is plug-and-play. It is completely policy-driven, so it only allows the accesses that you specify. It does its own discovery and, quite importantly, it is agentless.
Adding a NAC into a network can be quite demanding because it often is necessary to tell the NAC what addresses it should allow. The Veri-NAC lets you specify the policies that devices must meet to be part of the network and it does the rest. But, even though it is automated, you can remove undesired nodes manually.
Network devices can be tested in a variety of ways and can be forced to comply with pre-set standards before being allowed to connect. This is excellent for guests. NAC is particularly intended to manage the devices allowed on the network. Veri-NAC does an excellent job of that and it does it for a reasonable price.
Additionally, Veri-NAC attacks network address spoofing attempts so that devices cannot bypass the NAC system by spoofing authorized devices. The product line produces a comprehensive set of reports for compliance reporting. When I select a NAC system I want two things: flexibility and ease of use.
Flexibility is necessary to ensure that the product(s) can be used across the enterprise and can be scaled to enterprises of any size whether large or small. Ease of use is necessary because security administrators in large enterprises typically are overloaded, and those in small enterprises often have security as only a part-time job. Simple not only is better, but it is faster for more efficient use of administrator assets. The Veri-NAC meets these requirements at a very reasonable pricing structure for the various models.