Network Access Control and Quarantine

The Business Problem

The steady drive toward e-business commerce models have made the traditional enterprise network perimeter more permeable, with many endpoints (desktops, laptops, and even servers) that access network services no longer located within the secured network boundary. Today, partners, suppliers, consultants and mobile workers may have privileged access to key network resources. Users routinely re-connect their computers directly to the enterprise network after connecting to insecure public and foreign networks where they may be susceptible to infection and compromised by viruses, worms, spyware or other security risks. These users may then unknowingly introduce malware directly into the enterprise network. This will disrupt business operations, compromise confidential information, increase support and help-desk expense, and divert critical IT staff resources from higher value-added activities.

In addition, regulatory mandates such as America’s Gramm-Leach-Bliley data protection legislation, Sarbanes Oxley financial disclosure law, and the Health Insurance Portability and Accountability Act have driven many American organizations to block remote endpoints from accessing network resources unless they are secure and fully compliant to enterprise security policies.

The BigFix Solution

BigFix network access control and quarantine solutions help secure business operations and meet compliance and governance regardless of which network access control technologies an organization uses. BigFix’s network access control products:

• Protect enterprise networks by insuring that endpoints seeking access to network resources are assessed and remediated for compliance to enterprise security policies before network access is permitted
• Enable end users to access network resources with a minimum of delay and disruption by automating remediation of non-compliant endpoints without requiring end-user intervention
• Simplify network access control management by providing a single point of real-time visibility and control for assessing and remediating security and configuration elements on the endpoint, including anti-virus, patch, and anti-spyware
• Streamline policy administration by delivering real-time visibility and configuration control of endpoints throughout the organization, even when an endpoint is in quarantine
• Minimize any end-user disruption when network access policies change by enabling full assess of the impact of proposed policies prior to executing enforcement measures

Buying Guide

BigFix Client Compliance products, in conjunction with the BigFix Enterprise Suite platform and third-party network access control solutions, provide endpoints with seamless network policy compliance assessment and remediation that prepares them for safe access to enterprise networks.

	BigFix Enterprise Suite has met the Cisco Network Admission Control test criteria for interoperability with Cisco Trust Agent.

BigFix Client Compliance: Cisco NAC Support—Provides automated compliance assessment and remediation in conjunction with Cisco Network Admission Control (NAC) infrastructure. Key attributes include:

• Provides automated assessment and remediation to add value to Cisco’s NAC solution
• Simplifies and centralizes assessment and remediation policy
• Speeds deployment and update of Cisco NAC endpoint components
• Enables Cisco NAC interoperation with security elements that are not Cisco NAC-certified

BigFix Client Compliance: IPSec Framework—Provides automated compliance assessment, self-quarantine, and automated remediation for Windows 2000 and XP computers managed by the BigFix agent, with no additional network access control hardware or software required.

BigFix Client Compliance: Custom—Professional service solutions for other leading third-party network enforcement products from InfoBlox, InfoExpress, MetaInfo, Microsoft (NAP), Sygate, Zone Labs, and others.

BigFix Enterprise Suite platform—The highly scalable, real-time foundation for BigFix configuration management and security solutions. The BigFix Enterprise Suite platform is a prerequisite for all BigFix Client Compliance products.

Find Out More