Bradford Networks
Bradford Networks
If you are trying to log into a network protected by Bradford Networks' NAC Director, you'll have an agent on your computer or you won't login. If you have an agent, you'll be sent exactly where policy allows you to go and nowhere else. If you are a visitor, you'll have a dissolvable agent uploaded and installed on your computer automatically, and when you are finished it will clean up after itself and disappear as if it was never there. All that will happen without any human intervention from the organization.

We looked at NAC Director this year and we were impressed with its creative approach to protecting the enterprise. When we asked Bradford visionaries what made them innovators the answer was “wireless.” Wireless networks will soon outnumber wired networks by 10 to one, according to Bradford. Wireless networks stress NAC systems because of the nearly ad hoc nature of wireless. That means that NAC products in a wireless environment are challenged to be highly scalable. This is one place that Bradford Networks has staked a claim.

The second area is anticipating the future. To do that Bradford relies heavily on customer feedback and NAC Director's ability to leverage existing network resources. An important result of that is that NAC Director leverages existing and coming technology rather than attempting to build that technology into the system. For example, rather than duplicate functionality that is available in Microsoft Vista, Bradford simply hooks into that technology. This allows them to focus on what they do best, which is not building operating systems.

NAC Director also uses an out-of-band technology reducing the choke point of an in-line system without sacrificing performance. The core of the technology is the self-evolving policy engine, which takes advantage of policy decisions made elsewhere on the network based on data from network assets, such as an IDS. Bradford calls that “leveraging the network.”

The future strategy of Bradford is to continue evolving the policy engine's smart capabilities. Tactically, NAC Director pushes access control policy enforcement to the edge of the enterprise where it belongs. Strategically, NAC Director leverages the assets on the network to keep pace with the unique security architecture of each individual enterprise.

What it is: Agent-based network access control policy manager that functions out-of-band
Vendor: Bradford Networks -
Cost: starting at $6,495
Innovation: Out-of-band agent-based access control policy management engine that leverages existing network assets to evolve policy automatically
What we liked: Ease of use and management, vision for the future, number of network devices