RE: How to securing endpoints - PRODUCTS

[andy cuff <lists () securitywizardry com>]

Morning,
We looked at this a while back and have details on every Endpoint Security 
Product here:
http://www.securitywizardry.com/endpoint.htm

We also broke out the Network Access Control products here:
http://www.securitywizardry.com/nac.htm

If you discover any that we are missing please let us know and we'll include 
them, the product break down is as follows:

Endpoint http://www.securitywizardry.com/endpoint.htm
GFI Endpoint Security
mTrust Shield
Safend Protector
Reflex DiskNetPro
Senforce Endpoint Security Suite
Sanctuary Device Control
DeviceWall
Takeware Gatekeeper
SafeGuard Easy
Pointsec Media Encryption
ClipDrive Bio
Websense Client Policy Manager
AppSense Desktop Security
BeCrypt Protect products

NAC http://www.securitywizardry.com/nac.htm
Infoblox ID-Aware DHCP Solution
EdgeWall
Cisco NAC Appliance and NAC Framework
Mirage Endpoint Control Appliances
InfoExpress CyberGatekeeper
StillSecure Safe Access
Check Point Integrity Product Family
Hercules ConnectGuard
EndForce Enterprise
Juniper Networks Infranet Controller
LANDesk Security Suite
Microsoft Network Access Protection
Nortel Secure Network Access
SafeWord SecureWire
Symantec Network Access Control
McAfee Policy Enforcer
Lockdown Enforcer
ConSentry LANShield products
Nevis Networks LANEnforcer and LANSight
CounterACT
BigFix Client Compliance products
Aventail SSL VPN
Senforce Network Access Control
Network VirusWall Enforcer
Caymas Access Gateways
Altiris Quarantine Solution


-- 
Andy Cuff
Computer Network Defence Ltd
www.SecurityWizardry.com


Quoting Jaime Ruiz <jruiz () neosecure cl>:

> You sould take a look at the NAC technology from Mirage Networks. This is a
> clientless aproach to NAC in opposite to Cisco and independant of the
> operating system.
>   
> http://www.miragenetworks.com
>
> Regards,
>
> Jaime Ruiz V.
> ============================================================
> Jaime Ruiz Villegas
>   Gerente de Proyectos Especiales, NeoSecure S.A. - Web: www.neosecure.net
>   Email: jruiz () neosecure cl - Phone:+56.2 2905919 - Mobile:+56.9 7995848 
> CHILE   - Phone:+56-2.2905900, Fax:+56.2 2905959
> Providencia 1760 Of. 1601, Santiago. CP7500498
> ARGENTINA - Phone:+54-11.48501310, Fax:+54.11.48501201
> Bouchard 557/599 Piso 20 C 1106 ABG, Buenos Aires
> =====================  Nota de Confidencialidad ==================
> La información contenida en este mail es confidencial y ha sido enviada en
> forma exclusiva al destinatario del mismo, quién no debe divulgarla sin
> previo consentimiento de NeoSecure.
> ============================================================ 
>
>
> -----Mensaje original-----
> De: listbounce () securityfocus com [mailto:listbounce () securityfocus com] En
> nombre de WALI
> Enviado el: Sábado, 20 de Enero de 2007 3:59
> Para: security-basics () securityfocus com
> Asunto: How to securing endpoints?
>
>
> Seeking pointers on how to secure endpoints within the LAN.
>
> With an AD domain running, without any Radius authentication mechanism, I am
> wondering whether it would be worth investing yet, in the nascent
> Microsoft/CISCO NAC technology.
>
> My main concern is, to find ways to prohibit anyone/everyone to be able to
> just plugin their PC/laptop into the UTP wall socket and get a lease from my
> DHCP servers. We are looking at a network of about 1000 pc's here.
>
> MAC learning and locking at the switch layer is an option but I foresee a
> huge administrative overhead in my scenerio where helpdesk rolls out several
> new PC's daily.
>
> Any other options??