Infoblox ID Aware(TM) DHCP Toolkit Provides Identity-Driven IP Address Services for Network Access Control (NAC) Solutions
Posted on: Monday, 6 February 2006, 09:00 CST
Infoblox Inc., a developer of essential infrastructure for identity-driven networks (IDNs), today announced availability of the Infoblox ID Aware(TM) DHCP Toolkit. The Toolkit provides a foundation for any network access control (NAC) solution by using user identity (user name and password) and endpoint state information (e.g., antivirus and operating system versions) to ensure that a valid IP address -- the key to gaining network access -- is granted only to authorized users and endpoint devices that meet an organization's compliance policies.
"DHCP, the protocol that networks use to assign IP addresses, is the logical place for network access control -- no IP address, no network access," said Dan Golding, senior analyst, The Burton Group. "Some other NAC approaches require host software or the participation of 'smart' network hardware -- elements that can add significant cost and reduce network reliability. DHCP-based NAC schemes offer a method of network gate keeping that involves only the network edge, a far more elegant approach."
The ID Aware DHCP Toolkit takes advantage of the fact that nearly all endpoint devices require DHCP service to obtain their IP address. The Toolkit, which operates in conjunction with Infoblox appliances running the DNSone module that are designed to deliver non-stop dynamic host configuration protocol (DHCP) services, as well as domain name resolution (DNS) services, enables the collection and maintenance of real-time and historical data that correlates user identity, device and IP address information. This information can be accessed by NAC products and solutions from a wide variety of vendors to support advanced endpoint security, policy enforcement and compliance reporting applications, and can even be used to detect rogue devices that attempt to bypass the system.
Toolkit Specifics
In its most basic implementation, the Infoblox ID Aware DHCP Toolkit provides authenticated DHCP service by linking DHCP running on Infoblox appliances to an organization's existing network and directory infrastructure, providing cost-effective network protection services with no network upgrades or additional network components required. Further, the Infoblox ID Aware DHCP Toolkit can be fully customized and is designed for compliance with all major NAC products, including Cisco NAC, Microsoft NAP, Juniper Secure and Assured, Trusted Computing Group's TNC, and others.
The Toolkit consists of a collection of software modules that include:
-- A captive web portal used to redirect users to customizable web pages that support authentication and provide a user interface for endpoint scanning and remediation activities for devices in quarantine; -- An authentication and policy interface to user stores such as Microsoft Active Directory and RADIUS; -- A built-in Nessus engine for clientless endpoint policy assessment; -- An endpoint validation and compliance interface that enables the Toolkit to integrate third-party endpoint scanning and remediation systems; -- A policy engine that can be used to control system behavior based on the results of user authentication, endpoint scanning, and remediation operations; -- An interface for user-defined scripts to allow custom logic in conjunction with pre-defined or user-integrated endpoint security systems or network infrastructure devices; and -- A Web-based administration GUI that allows configuration of all pre- integrated elements and enables callouts to custom, user-defined functions.
The Infoblox ID Aware DHCP solution -- the combination of Infoblox appliances, the DNSone module and the Toolkit -- provides these basic capabilities "out of the box," and by integration with third-party systems, it can enable the implementation of NAC solutions with any desired level of security.
Integration Options
The Toolkit offers an evolutionary approach to increase levels of security and network access control by integration with any number of third-party applications and network devices for user authentication; end-point scanning, remediation and patch management; access enforcement; threat mitigation and reporting.
For example, user authentication can be performed through integration with a variety of systems such as Microsoft Active Directory and Cisco ACS. An endpoint scanning and remediation interface allows for easy integration with all major vendors, and includes a pre-installed implementation with BigFix. The Toolkit also provides unique capabilities when used in conjunction with threat mitigation systems, such as that of the Mirage Networks NAC solution, which can query the Infoblox appliance database to determine if a particular user or device was properly authenticated or is a rogue device that needs to be quarantined. The system also provides extensive logging of activity that can be collected and analyzed by security event management and logging systems such as Arcsight, Netforensics and Loglogic. Depending on customization, integration of the systems can be performed in minutes.
"There are many NAC solutions available today, and they all depend on robust, reliable and intelligent DHCP infrastructure," said Richard Kagan, vice president of marketing at Infoblox. "The Infoblox ID Aware DHCP solution enables organizations to make immediate improvements to their network security and build a foundation that will support any NAC strategy as they upgrade their DNS and DHCP infrastructures."
The ID Aware DHCP Toolkit is available today for no additional charge with the Infoblox DNSone module, which runs on the Infoblox-1200 and -1000 appliances.
For more information about Infoblox solutions, visit: http://www.infoblox.com/solutions/.
About Infoblox
Infoblox develops essential infrastructure used for establishing identity-driven networks (IDNs). Infoblox network identity appliances deliver nonstop DNS, DHCP, IPAM, RADIUS and related services with unparalleled reliability, manageability, scalability and security. Hundreds of organizations worldwide, including many of the Fortune 500, use Infoblox solutions for the critical naming, authentication, authorization and IP management services that make their networks secure, robust, manageable and compliant. The company is headquartered in Sunnyvale, CA and operates in more than 30 countries. For more information, call +1.408.716.4300, email info@infoblox.com, or visit www.infoblox.com.
Media Contacts: Jennifer Jasper Infoblox 408.716.4372 Contact via http://www.marketwire.com/mw/emailprcntct?id=40343D85C07E120F
SOURCE: Infoblox
Source: MARKET WIRE
Related Articles
- Global Security Systems Debuts Integrated FM Radio and Cell Phones at NAB 2009
- Napera Networks Eliminates Need for Multiple Security Appliances With Integrated Firewall and VPN
- Security With Advanced Technology Installs Innovative Security System at Fortune 500 Company
- IBM Internet Security Systems Extends Industry-Leading Preemptive Protection to Remote Segments of the Network
- Homeland Integrated Security Systems Conducts Successful GSM Cyber Tracker Testing in Europe
- Homeland Integrated Security Systems' Cyber Tracker First GPS Device to Run Data and Voice Simultaneously
- Homeland Integrated Security Systems, Inc. Announces New Strategic Alliances and Partnerships -- As Reported By Wallstreetreporter.Com
- Homeland Integrated Security System Website Now Features Web Cam Cyber Tracker Demo
- Homeland Integrated Security Systems' Cyber Tracker Being Delivered Into Multiple Verticals
- Endwave and SafeView Sign Next-Generation Development Agreement for Homeland Security System
 |
 |
User Comments (0)
RSS Feeds