Sunday, January 28, 2007

Extreme Networks Adds DHCP-Based Edge Security (NAC)

Extreme Networks has updated its modular operating system, ExtremeXOSversion 11.6, featuring new enhancements for securing networks using Network Access Control (NAC) technologies. The switch-based enforcement allows network administrators to securely deploy NAC using DHCP or 802.1x.

Extreme Networks noted that many enterprises deploying NAC to protect the network perimeter have used DHCP servers, which left vulnerabilities. Users that were denied access could simply configure a static IP address to gain entry into the network and get out of quarantine. Extreme Networks removes this NAC exploit, as the switch enforces all endpoints to only allow devices with valid DHCP assigned IP addresses into the network. Users that attempt to bypass NAC solutions will be automatically blocked by the switch and alert the administrator of the attempted breach.

ExtremeXOS has also introduced enhancements to 802.1x through the innovative Universal Port framework. Universal Port simplifies network operations by automatically provisioning network resources when new users and devices connect. When combined with 802.1x, Universal Port provides more granular policy enforcement including per-user Quality of Service (QoS), rate limiting of bandwidth, and dynamic ACLs.

Both of these enhancements in the latest ExtremeXOS release can be used in conjunction with Sentriant AG, Extreme Networks NAC solution, to lock down the edge of the network and help ensure endpoints are free from threats and in compliance with company security policies before gaining access. Sentriant AG provides deep endpoint testing without requiring an agent and supports both DHCP and 802.1x enforcement modes allowing it to easily integrate with any network environment.

See also