With StillSecure Safe Access, every device starts in the quarantine network segment and has to test out of quarantine to reach devices on the protected network.
Testing of endpoints can be done in any one of three ways. The first testing method is to test in an agentless configuration. This sort of testing works well for XP machines and allows for rapid rollout of StillSecure Safe Access. The second method is with an installed agent. This agent is designed to work with legacy systems, such as Windows 95 and NT 4.0 systems. The final testing method is to use a dissolvable client, which is actually an ActiveX plug-in. This allows for non-Microsoft machines to use the StillSecure Safe Access product.
With 802.1x becoming popular, it is easy to imagine that the restriction of VLANs, while already a Safe Access feature, will become more robust. Use of a protocol, such as extensible authentication protocol (EAP), will give this type of enforcement greater control of system configurations. Besides 802.1x, Safe Access can also function as a pseudo firewall and restrict access down to the data link layer.
This tool uses policies to test the endpoints for compliance. There are several pre-defined policies, and it is quite simple for an administrator to modify existing policies to fit the organization's needs. A most unique feature is the grace period, which allows a non-policy-compliant system to access resources for a limited time.
EasyNAC shipped with a hard copy quick start guide and electronic versions of the administration and installation manuals in PDF format on an enclosed CD.
Standard support is included in the purchase price. This includes telephone and email support from 8:00 a.m. to 6 p.m. Monday through Friday.
The pricing, at around $20 per seat, is in the low to medium price range. However, the product scales very well to meet just about any organization's needs.