Mirage Networks is introducing a smaller, inexpensive, branch-office network-access-control device for sites with a maximum of 15 employees, making it possible to extend NAC to locations where previously it might have been too costly.
The N-120 appliance has a simpler setup than the company’s other gear has, making it suitable to install in places that might not have IT staff available. The N-120 has all the security features of other Mirage devices.
The box costs US$2,500 (NZ$3,325) and supports 50 endpoints, based on its processing power and memory. Mirage sells other appliances that support 100, 1,000 and 2,500 machines.
The N-120 devices are designed for organisations that have many sites, such as campuses and retail chains. They are attached out-of-band to switches and run policy checks against machines as they log in. They detect commonly banned types of traffic running on clients, such as peer-to-peer networking, or the presence of FTP or web servers. The Mirage gear does so without using software agents to gather data, so it doesn’t provide as comprehensive a profile of a machine as an agent could provide.
Once a machine is allowed onto the network, the Mirage device monitors its behaviour and intercepts suspicious traffic. Mirage says its device modifies address resolution protocol (ARP) tables on PCs and LAN switches to enforce policies. ARP provides the link between Layer 2 media-access-control addresses and Layer 3 IP addresses on clients attaching to a LAN.
Manipulating ARP lets Mirage appliances control what clients can do on a network by blocking access, redirecting traffic to quarantined virtual LANs (where unpatched machines can safely update required software), or moving traffic to authentication servers.