The integration between Lancope®’s StealthWatch™ System for Network Behavior Analysis (NBA) and Bradford Networks’ Network Sentry now allows institutions and enterprises to automatically address suspicious behavior at the network edge. This joint solution ensures that malicious or suspicious network behavior from users or devices is discovered and flagged so that access control actions can take place at the offender’s point of network access. By combining Lancope and Bradford Networks’ robust security capabilities, organizations can continuously assess hosts responsible for disrupting network performance and quickly quarantine offenders before any impact to network availability.
How it works
During the pre-connect process, Bradford Networks’ NAC solutions grant entry onto the network only after a successful posture assessment by a persistent or dissolvable agent. If these same hosts begin to exhibit malicious or suspicious activity once connected, Lancope’s StealthWatch quickly identifies this anomalous host behavior and sends alarm notification to Bradford Networks’ NAC solutions via SNMP or Syslog.
Bradford Networks’ SNMP/Syslog management feature allows Lancope’s StealthWatch notifications to become NAC events/alarm pairs, which are mapped to specific network access control actions. Depending on the environment and the policy, this action could be as simple as sending an email to an administrator or as drastic as moving the offender’s switch port to an isolation VLAN. StealthWatch’s ability to analyze behavior from all parts of the network and Bradford Networks’ ability to control wired, wireless, and VPN access gives enterprises unequaled control over their entire network.
By working together, the combined solution couples pre-connect assessment and enforcement with post-connect monitoring and containment to deliver a cost-effective and comprehensive NAC solution.
