Cisco NAC

BigFix Enterprise Suite meets the testing criteria set by Cisco for Network Admission Control (NAC) compatibility.

As information technology systems have grown in size and scope, and the pace and quantity of security vulnerabilities have accelerated, IT organizations face a critical need to insure that all computers connecting to the enterprise network are secure and configured according to policy. Many enterprises are looking to employ a "scan & block" technology to enforce policy compliant network admission, consisting of scanning these endpoints as they attempt to connect to the network and blocking the network connection if the computer is not compliant with security policies.

A "scan & block" approach greatly limits productivity by placing non-compliant endpoints into a time-consuming "quarantine" state, often while the end-user installs unfamiliar patches and anti-virus update files, makes configuration changes, or requires help desk support in order to gain network access. To insure that business operations are not disrupted, the network protection and systems management infrastructure that enterprises deploy must not only identify non-compliant and vulnerable endpoints and quarantine them, it must also remediate and seamlessly bring them onto the network with a minimum of end-user delay and disruption.

BigFix and Cisco are leading the way with a solution that closes the "scan & block" gap by combining comprehensive end-point assessment and pro-active remediation with a comprehensive policy compliant network admission solution. BigFix's security configuration management platform, the BigFix Enterprise Suite (BES), cooperates with Cisco's Network Admission Control (NAC) technology to provide:

  • Granular, efficient management of security configurations, patch levels and software installations on all endpoints, no matter how and where they attempt to connect to the network.
  • Automated policy-based remediation of non-compliant endpoints, without user intervention.
  • Ability to quarantine computers not managed by BES or by the Cisco Trust Agent (CTA), and to install the BigFix agent to bring these endpoints under management, if desired.
  • Ability to automatically install the CTA and configure clients for NAC on computers managed by BES.
  • Central monitoring and control of endpoints throughout the organization, even when the endpoint is in quarantine.

BigFix provides comprehensive, scalable, easy-to-use security configuration management solutions for global enterprises and government agencies facing challenges such as regulatory compliance, governance and business agility. BigFix enables IT to discover, analyze and change software configurations faster and more accurately, resulting in improved processes, better security and more reliable services while reducing costs.

The BES Platform enables organizations to use the distributed power of all their computers to manage their security and configuration—no matter where the computer is or how it connects to the enterprise network.

BigFix's Client Compliance

Cisco NAC extension integrates the powerful assessment and remediation capabilities of the BES platform with Cisco's industry-leading NAC technology to deliver a unified endpoint assessment, remediation and network admission solution. In conjunction with the deployed NAC infrastructure, BES enables a complete solution, where non-compliant endpoints are automatically remediated, without end-user intervention, and smoothly and securely connected to the network.

For more information, contact BigFix Sales at http://bigfix.com/company/contact.html.