Symantec NAC 11.0
July 01, 2008
£6,518, including Symantec Network Access Control Starter Edition 11.0, 1 Symantec NAC Enforcer Appliance, and 1 year of Essential Support Services
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: 802.1x compliant, so no extra authentication servers needed
- Weaknesses: Difficult install relies on Symantec's professional services
- Verdict: An acceptable offering that is complex to implement and manage, but it delivers the features advertised
The offering from Symantec is much larger than the scope of this review. NAC 11.0 has additional functionality such as desktop enforcement through client-installed firewall/agents.
A LAN enforcer, configured to work with a Radius, Diameter or LDAP server, forwards the user information it receives from the 802.1x supplicant to the Radius server for authentication and does not grant access to a client that fails the user-level authentication.
There are three types of enforcer appliances: gateway, DHCP and LAN enforcers. The Symantec Enforcer is a component that works together with the Symantec Policy Manager and Symantec Agents to protect the enterprise network. Enforcers are responsible for many tasks. It is generally more convenient to administer them all in one centralised location. The Policy Manager provides this capability.
Symantec Agents can be configured to run host integrity checks at various times. This ensures that the user has not disabled the local firewall or anti-virus, or performed any other action that would cause the device to be moved into a quarantine area, which will only allow users to access the internet for the purpose of bringing back the client, through HI, to the regular LAN segment.
When a client tries to connect to the network, the Symantec Agent runs a host integrity check. It then sends the results to the enforcer. If the client passes, it gains access to the network.
The installation is so complex that Symantec usually sends a professional service technician to complete the initial install.
Limited documentation for the product is available online. We were unable to locate any additional documentation, which would have been handy to have.
The first year of support, which is included, is available 24/7. Additional phone, email and website access are available after the first year.
The pricing for the NAC 11.0 appliance starts at £6,518, which includes Symantec Network Access Control Starter Edition 11.0, a Symantec NAC Enforcer Appliance and a year of essential support. This makes the NAC 11.0 average value for money.
SC Webcasts UK
Sign up to our newsletters
DV Cleared Systems Architect - 6 Months - London
Computerfutures - London (North), London (Greater)
CISO – Chief Information Security Officer (Up to £100K)
Evolution Recruitment - London (North), London (Greater)
Head of Security Strategy – London
Evolution Recruitment - London (West), London (Greater)
Information Security Manager
Infosec People - Hammersmith, West London
Associate Professor in Cyber Security and Networking
Edinburgh Napier University - Edinburgh, City of Edinburgh
SC Magazine UK Articles
- Russia's Central Bank introduces new mandatory cyber-security regulations
- Singapore to shut off internet access for government agencies
- Epic hack, thousands of salted logins stolen
- 6 in 10 universities hit by ransomware, 2/3 hit multiple times
- Shadow Broker's leaked files confirmed real by Snowden docs
- SC Awards Europe 2016 winners announcements!
- Microsoft ends common password use and password lockout
- ISIS radicalises 'lone wolves' through strong social media presence
- 1.5 billion Windows computers potentially affected by unpatched 0-day exploit
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- ICYMI: Russian banks, Singapore, ransomware on campus, gaming hacks and more Snowden
- Advocacy groups urge FCC in the US to address connected car technology threat
- Lost devices leading cause of data breaches, report
- WhatsApp to share customer data with Facebook
- Hackers exploit vBulletin flaw to access 27M accounts on 11 websites