SEATTLE -- Lockdown Networks®, the leading provider of Network Access Control (NAC) solutions that keep IT and security teams in control of who and what is on their networks, today announced an upgrade to Lockdown Enforcer that enables very fast deployments through expanded policy enforcement options. Lockdown Enforcer now supports two modes of quarantine, highly secure VLAN and fast-to-deploy IP Subnet Quarantine (ISQ). Using ISQ, NAC can be rapidly deployed on the network, enabling out-of-band NAC to be deployed in as little as one hour. The ISQ deployment option can be used both as a standalone approach to enforcing NAC, or as a quick start to a larger, more robust installation including hybrid ISQ/virtual local area networks (VLAN) or pure VLAN quarantine implementations. In addition, Lockdown has enhanced its support for the Microsoft Network Access Protection (NAP) framework to include automatic NAP agent detection.
Large enterprises ready to implement enterprise-wide NAC solutions require flexibility in deployment use cases to strike the right balance between their policy objectives and the cost of deploying a solution. The ISQ mode utilizes IP subnets for quarantine, which makes it exceptionally easy to deploy and manage, while the VLAN mode is more secure. The ISQ mode works by installing Lockdown Enforcer as a DHCP relay in the network, allowing an Enforcer to manage multiple instances of a DHCP server, without requiring multiple inline appliances, proprietary DHCP servers, or modification of the DHCP servers.
Lockdown ISQ enables companies to create a deployment approach matched to their specific objectives. For example, a low-risk call center can be rapidly enforced using ISQ, while a riskier field service and repair office, a data center, or the financial department, may be supported using VLANs.
The enhanced Enforcer reflects the maturity of the NAC market requirements. While early NAC adopters have focused on VLANs as a security enforcement method, a diverse set of security policies in enterprises calls for an equally diverse set of enforcement methods, said Joel Snyder, senior partner with Opus One. DHCP quarantine offers a different security model than VLANs, but may be very appropriate in branch offices or compliance-focused NAC deployments. By supporting a variety of use cases, Lockdown Networks provides a highly flexible and comprehensive solution that enables immediate ROI.