Enterasys Network Access Control
Strengths: A lot of flexibility in deployment options.
Weaknesses: We would have liked to see the initial deployment streamlined with a web-based wizard.
Verdict: A flexible product that could be a bit easier to deploy.
SummaryThe Enterasys Network Access Control appliance can be deployed inline or out-of-band, which provides for flexibility based on the network environment. This product provides access control across wired, wireless or VPN connections. It can use a variety of authentication options.
The setup consists of installing the NetSight appliance, which includes the NAC Manager software, and installing the actual NAC controller. The initial configuration of the NetSight appliance is done through a command line configuration wizard. This configuration prepares the appliance with all the network and hostname settings. The installation of the controller is done through the command line as well and takes just a few minutes. Management is done through various applications available via the NetSight appliance. We found management of the controller and the appliance to be a fairly simple and straightforward process.
The Enterasys system allows for centralized policy and guest access control with options, such as permit, deny, prioritize, rate-limit, tag, redirect and audit traffic. These options can be assigned based on user identity, time, location and device type. We tested the inline system and found that even though it was based on the inline deployment, it had a lot of nice flexibility in terms of control and policies.
Documentation included installation guides for both the controller and the NetSight appliance. Also provided was a guide for the NetSight Policy Manager application. We found these to be well-organized.
Enterasys offers 24/7/365 phone, email and web support, including self-service case management tools. Customers can also access a support website.
With a price starting at just under $9,000, we find this Enterasys product to be a good value for the money. While the tool can interface with many managed switches and other components, the inline approach with the included controller allows for a great amount of flexibility for different types of network environments.