Tuesday, July 15, 2008

Free Vulnerability Scan

NetClarity offers FREE SCAN tool to findout if you have any
vulnerabilities ( Malware, Viruses, Worms, Trojans, Keyloggers and all
those nasty exploits are not the problem ) they can exploit, harden
your system and take a more proactive approach to securing your
personal computer.

http://www.netclarity.net/freescan.html

On completing the SCAN, please contact us for the full report unlock key.


NACwall are Network Access Control (NAC) appliances which scan
corporate networks for devices that may contain exposures or
vulnerabilities exploited by hackers that firewalls can't defend
against. NACwalls also alert customers and block against malicious and
un-trusted network access at all points on the network, whether wired
or wireless.

NACwall are proactive appliances that take just minutes to install.
Continuously scanning for vulnerability' s across every device on a
network, NACwalls can stop threats within milliseconds.

NACwall detect & respond to threats from network connected computers,
returning mobile users, wireless devices, new devices and even detect
´imitation´ users (spoofed machines). NACwalls respond in milliseconds
to un-trusted and potentially hazardous computer assets stunning off
their network access in less time than it took to read this sentence.

Network Access Control (NAC) is an approach to computer network security that attempts to unify endpoint security technology (such as antivirus, host intrusion prevention, and vulnerability assessment), user or system authentication and network security enforcement.

Network Access Control is a computer networking concept and set of protocols used to define how to secure the network nodes prior to the nodes accessing the network. NAC might integrate the automatic remediation process (fixing non-compliant nodes before allowing access) into the network systems, allowing the network infrastructure such as routers, switches and firewalls to work together with back office servers and end user computing equipment to ensure the information system is operating securely before interoperability is allowed.

Network Access Control (NAC) aims to do exactly what the name implies: control access to a network with policies, including pre-admission endpoint security policy checks and post-admission controls over where users and devices can go on a network and what they can do.

"NAC's roots trace back to the trusted computing movement. In this context an open-architecture was created as an alternative to proprietary NAC initiatives. TNC-WG aims at enabling network operators to provide endpoint integrity at every network connection, thus enabling interoperability among multi-vendor network endpoints.[3]"

Initially 802.1x was also thought of as NAC. Some still considers 802.1x as the most simple form of NAC, but most people think of NAC as something more.


Goals of Network Access Control
Because NAC represents an emerging category of security products, its definition is both evolving and controversial. The overarching goals of the concept can be distilled to:

Mitigation of zero-day attacks
The key value proposition of NAC solutions is the ability to prevent end-stations that lack antivirus, patches, or host intrusion prevention software from accessing the network and placing other computers at risk of cross-contamination of network worms.

Policy enforcement
NAC solutions allow network operators to define policies, such as the types of computers or roles of users allowed to access areas of the network, and enforce them in switches, routers, and network middleboxes.

Identity and access management
Where conventional IP networks enforce access policies in terms of IP addresses, NAC environments attempt to do so based on authenticated user identities, at least for user end-stations such as laptops and desktop computers.

Pre-admission and post-admission
There are two prevailing design philosophies in NAC, based on whether policies are enforced before or after end-stations gain access to the network. In the former case, called pre-admission NAC, end-stations are inspected prior to being allowed on the network. A typical use case of pre-admission NAC would be to prevent clients with out-of-date antivirus signatures from talking to sensitive servers. Alternatively, post-admission NAC makes enforcement decisions based on user actions, after those users have been provided with access to the network.

Agent versus agentless
The fundamental idea behind NAC is to allow the network to make access control decisions based on intelligence about end-systems, so the manner in which the network is informed about end-systems is a key design decision. A key difference among NAC systems is whether they require agent software to report end-system characteristics, or whether they use scanning and network inventory techniques to discern those characteristics remotely.


Out-of-band versus inline
In some out-of-band systems, agents are distributed on end-stations and report information to a central console, which in turn can control switches to enforce policy. In contrast the inline solutions can be single-box solutions which act as internal firewalls for access-layer networks and enforce the policy. Out-of-band solutions have the advantage of reusing existing infrastructure; inline products can be easier to deploy on new networks, and may provide more advanced network enforcement capabilities, because they are directly in control of individual packets on the wire. However, there are products that are agentless, and have both the inherent advantages of easier, less risky out-of-band deployment, but use techniques to provide inline effectiveness for non-compliant devices, where enforcement is required


Remediation, quarantine and captive portals
Network operators deploy NAC products with the expectation that some legitimate clients will be denied access to the network (if users never had out-of-date patch levels, NAC would be unnecessary). Because of this, NAC solutions require a mechanism to remediate the end-user problems that deny them access.

Two common strategies for remediation are quarantine networks and captive portals:

Quarantine
A quarantine network is a restricted IP network that provides users with routed access only to certain hosts and applications. Quarantine is often implemented in terms of VLAN assignment; when an NAC product determines that an end-user is out-of-date, their switch port is assigned to a VLAN that is routed only to patch and update servers, not to the rest of the network. Other solutions use Address Management techniques (such as Address Resolution Protocol (ARP) or Neighbor Discovery Protocol (NDP)) for quarantine, avoiding the overhead of managing quarantine VLANs.

Captive portals
A captive portal intercepts HTTP access to web pages, redirecting users to a web application that provides instructions and tools for updating their computer. Until their computer passes automated inspection, no network usage besides the captive portal is allowed. This is similar to the way paid wireless access works at public access points.

Benefits:
Minimize risk of outbreaks while allowing for policy flexibility
Protect your network from zero-day threats and infected guest devices; monitor the network continuously for threat assessment and attack behavior originating from all types of devices Minimize exposure from noncompliant, infected, or misconfigured systems

Allow only authorized devices to have network access: enforce compliance by scanning devices to test their overall security posture as they attempt to log onto a network Reduce downtime and risk

Guard against infections and vulnerabilities from mobile devices; identify and quarantine misconfigured systems and company laptops that fall out of compliance; enforce network access decision at the system level; remediate noncompliant devices automatically Make intelligent decisions based on real knowledge

Gain visibility of system and network threats with efficient security collaboration; breakthrough McAfee ePolicy Orchestrator® (ePO™) integration provides real-time visibility of actionable system host details, as well as the most relevant host IPS, anti-virus, and spyware events Leverage your existing network infrastructure

Deploy to all ePO managed systems in your network infrastructure without hardware replacements; get continuous, broad protection that keeps up with the latest threats with McAfee Total Protection for Enterprise—Advanced with NAC included; manage it all from a single, centralized console.

Features:

Dynamic NAC with IntruShield
Protect the internal organization from the threat of remote access, high-risk branch offices, or guest wireless networks by identifying, quarantining, and then remediating any infected device Flexible and powerful remediation options
Minimize helpdesk calls and make faster fixes on managed systems with automated remediation; for unmanaged systems, go to a user-directed remediation portal for quick results Broad enforcement options

Select from a variety of enforcement strategies, thanks to integration with ePO and a flexible architecture; protect against critical systems that cannot run agents with integrated McAfee Network Security Platform; add support for Microsoft NAP Framework Centralized management and control

Manage and control access to your network, along with your other system security protection, through a single console with ePO; get a bird's eye view or all the details about hosts and define policies; retrieve centralized reports of failed compliance checks and remediation action Protection from non-Microsoft® Windows devices

Monitor and assess threats and attacks from any device, including Macintosh and Unix systems and devices with embedded operating systems, like VoIP phones, printers, faxes, and copiers

No comments: