ConSentry adds network audit and control software

Tracks activity as well as applying rules, roles and policies.

By Bryan Betts, Techworld | Techworld
Published: 10:55 GMT, 16 February 09

Network access control specialist ConSentry is moving away from pure NAC, and towards providing wider visibility and control over the network. It has developed software that uses the deep packet inspection chips built into its switches and controllers to track and audit all sorts of network activity. 

The company has added real-time alerting and correlation capabilities to its InSight Command Centre software, with the aim of identifying questionable applications, devices and network traffic, said CTO Jeff Prince. 

A new network monitoring and control dashboard gives the IT manager an overview of the data gathered, plus the ability to drill down to user, application or device level, he added. 

"We use the corporate directory for role derivation, and have visibility into the LAN at layer 7 and above," he said. "That includes what files you touch and the messages you send over the network. It is stateful and it tracks flows, so it is also useful for compliance."

Speaking at the NetEvents industry forum in Barcelona, Prince said that potential applications for the new software include regulatory compliance, network management, feeding questionable traffic to an IPS for checking, controlling which applications and servers a user can access according to their role, their location, the time of day, and enforcing security policies on email and IM. 

The new software would also have been able to detect traffic generated by the Conficker/Downadup worm, he claimed, although he stressed that it is not designed or intended to be an IDS/IPS. 

"The system can also run in monitor mode as well, to test your security policies," he said. "It relies on our high-performance silicon to get deep packet inspection at a low price. That chip means our switch is competitive with HP, Foundry and Cisco, say, but also does deep packet inspection."

ConSentry increasingly finds itself at the point where network management, security management and application management are converging, according to Prince.  

He added that network control is far broader now than just PCs - there's increasing numbers of other devices, and compliance is adding the need to trace activity back to users as well. 

"We're now focused on providing visibility into the network," he said. "It's not uncommon for a company with 2000 employees to have 5000 or 6000 devices on the network."

What are your views on this subject? Use the form below to post a comment on this article up to 500 characters.

Characters remaining: 500

Related Networking news

Google to support IPv6 protocol on YouTube

Video streaming site to get internet upgrade

21 November 2009

Cisco free iPhone app grabs security feeds

Cisco SIO To Go iPhone application for IT managers on the road

Queen's speech promises action on pirates

Government sticks to plans to disconnect illegal file sharers

Ombudsman faults EC's Intel antitrust ruling

European Commission accused of "maladministration"

Related Networking reviews

Western Digital WD TV Live media player

Opera 10 browser

Internet Explorer 8 review

SANs tuned for virtualisation

Whether you're using virtualisation to make large applications more manageable or to consolidate many small applications, a SAN packed with features that ease the management of storage for virtual machines is a good thing.

Email this article to a friend or colleague:

PLEASE NOTE: Your name is used only to let the recipient know who sent the story, and in case of transmission error. Both your name and the recipient's name and address will not be used for any other purpose.

Techworld White Papers

Database security: Preventing enterprise data leaks at the source

IDC discusses the growing internal threats to business information, the impact of government regulations on the protection of data, and how enterprises must adopt database security best practices...

Download Whitepaper

Service-oriented security

SOA has become an integral part of enterprise software by providing a framework to efficiently develop software as services that is easily sharable, reusable, and integrated. No where is the need more apparent than in the Identity Management space. Welcome to the age of Service-Oriented Security (SOS).

Download Whitepaper

Data protection prospective vendor checklist

Organisations need a way to map business needs against all these challenges in procuring a technical solution. To help, SANS has developed the following Prospective Vendor Checklist.

Download Whitepaper

Unlock the power of the mainframe

This whitepaper presents the notion of CICS as an integration hub based on a component-based, service-oriented architecture supporting Web services. Highlights will review the challenges and contrasted support for Web services natively in CICS.

Download Whitepaper

Techworld UK - Technology - Business

COLT White Paper

Are all VoIP services the same?

Questions to ask your service provider to ensure you get the VoIP service you need
With careful choice of partner, your business can have all the advantages of VoIP access - reduced costs, flexibility and simplicity - without the drawbacks.
This white paper is your guide to ensure you get right the VoIP service and details the pitfalls which businesses would do well to avoid.

Download white paper
BMC

Ride the express lane in the journey to speed ITIL adoption

Explore the challenges in making the journey to ITIL and the criteria for selecting consulting services
By following ITIL practices, your IT organisation will become more closely integrated with the business. We recommend making the journey to ITIL in a sequence of six incremental steps, the phases of which are driven through execution of a strategic transformational roadmap.

Download white paper

Webcast: IT Financial Management: Cost Optimisation for Efficiency and Agility.
On Demand Webcast
Join this webcast to learn about the techniques and technologies that can help you prove the value of IT to the business by understanding the true cost of today's IT services and those that will be necessary to deliver future success.

Register Today

Site Map

IDG Network

* *