Cisco unveiled the second stage of its Network Admission Control (NAC) initiative, porting software to its range of Catalyst switches and wireless products. In addition, three new partners were bought into the fold to add vulnerability scanning to the framework.
The company will make switch support for NAC available as a free software download to customers at the end of November. NAC software on the Cisco wireless products are available today. NAC uses network infrastructure to enforce security policy compliance on all devices trying to access network computing resources.
The updated framework moves authentication checks from the server out to switches so that worm outbreaks are better contained within an organization. Elad Shaviv, security practice manager at Cisco said it was no longer enough to control security just at the server, it had to reach out through the entire organization.
"Point solutions are no longer valid, we need a consolidated approach that sees security built into all parts of the network. This means that security can be deployed at a lower cost," he said.
The security framework has also been extended to provide assessment of unmanaged or agentless endpoints. Cisco has created a new auditing category to deal with vulnerability scanning of untrusted devices. Vendors joining this new category include Altiris, Qualys, and Symantec (through the WholeSecurity acquisition).
"The advancements to the NAC framework mean that organizations are now able to take more advantage of their network infrastructure, security and management software investments and help enable the assessment of the security state of wired and wireless clients," said Chris Thatcher, North American principal consultant for security for Global IT services company Dimension Data.
"This allows organizations to help enforce security policy by either granting or denying access to network resources based on client compliance with security policy. This will help provide an even more secure network environment via this controlled access."