There are many approaches one could take to securing the network, with equally many tools available for each aspect of security. However, if undertaken on a blow-by-blow basis, one can unwittingly construct quite a complex arrangement of tools and service, which, in turn, brings complexity to the administration and support of the task itself.
Lockdown Networks provides an alternative, and altogether more straightforward approach in the shape of the Lockdown Enforcer. This is an attractively presented, self-contained 1U box that sits out of band on your network and enforces endpoint security and policies at the point of network entry.
It is compatible with a wide range of network devices, and switches and should be easily deployed in the majority of cases, having very little impact upon network performance. Once installed, it can enforce policy at group or individual level, targeting specific devices, ports or users if need be.
The product is compatible with various authentication philosophies and, indeed, can operate in a mixed authentication mode environment if required. Similarly, it can integrate with various directory services via LDAP, providing flexibility of configuration.
The Lockdown Enforcer can also perform basic vulnerability scanning in order to identify potential weaknesses on your network. This can function with or without the help of remote agents, and remediation may be manual or automated. As you might expect, there is also a custom reports facility that offers several basic report types for customisation.
This is a lot of functionality for one box. In fact, Lockdown Networks offers some companion products that make the Enforcer concept especially scalable. These include the Lockdown Sentry, which works with the Enforcer to extend the functionality to remote sites; and, for the larger enterprise, the Lockdown Commander, which provides a centralised management function for multiple Lockdown Enforcers.
Lockdown Networks is still a fairly young company, but clearly has built up a very well-considered product portfolio with which to provide straightforward but effective network access control. Medium-sized enterprises in particular would benefit from this virtual "plug and play" approach, providing comprehensive protection with manageable levels of administration and support.