Endpoint Protection

 View Only

  • 1.  What are the extra benifits I will get if I use SNAC with SEP

    Posted Jul 24, 2009 01:05 PM
    I use SEP11MR4 .

    we use all the features of sep including firewall in our organization. so what extra benifits will we get if we use SNAC with SEP.


  • 2.  RE: What are the extra benifits I will get if I use SNAC with SEP

    Posted Jul 24, 2009 01:12 PM
    SNAC is a Complaince Management software
    1. Set compliance standards for the Network (Host Integrity Policy)
    2. Ensure all clients comply to the set-standards (Using Enforcement methods like DHCP, LAV OR Gateway Enforcers, etc... and Remediation)

    Thanks :-)


  • 3.  RE: What are the extra benifits I will get if I use SNAC with SEP

    Posted Jul 24, 2009 01:33 PM
     Well for one you can ensure that each machine plugging into your network has a minimum level of security.

    Think about it, you could ensure that the following conditions are met
    AV engine enabled
    AV def's less than 10 days old
    Latest critical MS hotfixes installed
    SP whatever for Windows is installed.

    If all of the above are true, let 'em in.
    If false, you can remediate and automatically get them to the right version.

    The Starter edition of NAC for SEP is only a small incremental cost, I would reccommend it strongly.  I've seen it quoted at less than $10 a user.





  • 4.  RE: What are the extra benifits I will get if I use SNAC with SEP
    Best Answer

    Posted Jul 24, 2009 03:21 PM
    You might be knowing more than 90% of the attacks , infections comes from within the LAN from our trusted computers.
    You say they are trusted because they are employee of your compant thats it..
    You configure your firewall and everything from external threats and attacks but do you exactly do to make sure your employees are doing what they are supposed to do.
    What applications they are running,Do they have any AV installed or have they removed themare they on the latest patch andAV defs or they are just hiding from Administrators..

    An Adminstrator wants his netowork to be completely secred and Patched up..but do the employees care aout what defintion or patch they have..they think its Admins jobto check these things..

    One Un-Patched/un-secure computer is enough to bring down the whole company without compliance check.

    Symantec Network Access Control helps you acheive this compliance..
    eg: A Field engineer /Sales Employee has been out for a month..he has not updated his definitions or patch..he has his laptop infected with bots
    Then he logins to the network  saves some files to your server including the bot..
    Now the bot can control over your network..

    When you have SNAC in place it wont allow an unpatched pc, old definition PC to connect to your critical servers.
    First they will connect to a Remidiation VLan/Server to get these updates and become totally safe to be able to login to the network.
    Think about the VPN clients who don't even come to office to connect to the LAN..how to beleive they are patched up ? SNAC will do that for you..
    You can control what application clients should run and what they should not..
    You can do any compliance related Job to make sure the clients inside your netowork including VPN clients are the trusted ones..
    It is all policy/rules based about what do you think your clients should be like and should be doing...if they don't obey they are thrown out of the netowork..
    You can also do windows patch management.
    SNAC is a independent product that can be integrated by SEP/SEPM..
    So if you are using any 3rd party antivirus it will do the compliance check for it..




  • 5.  RE: What are the extra benifits I will get if I use SNAC with SEP

    Posted Jul 24, 2009 08:56 PM
    Organisations that deploy Symantec Network Access Control Starter Edition can experience multiple measurable benefits, including:

    • Reduced propagation of malicious code such as viruses, worms, spyware and other forms of crimeware

    • Lowered risk profile through increased control of unmanaged and managed endpoints accessing the corporate network

    • Greater network availability and reduced disruption of services for end users

    • Verifiable organisational compliance information through near real-time endpoint compliance data

    • Minimised total cost of ownership based on an enterprise- class centralised management architecture

    • Verification that endpoint security investments such as Symantec AntiVirus™ and the client firewall are properly enabled

    • Integrates seamlessly with Symantec™ Endpoint Protection


  • 6.  RE: What are the extra benifits I will get if I use SNAC with SEP

    Posted Jul 24, 2009 09:04 PM
    Doesn't MS offer free NAC starting with Win 2008?

    What makes Symantec's version of NAC so special?



  • 7.  RE: What are the extra benifits I will get if I use SNAC with SEP

    Posted Jul 24, 2009 09:11 PM
    Symantec™ Network Access Control Starter Edition

    http://www.ontrex.ch/de/pdfs/securitymanagement/NEU_Juno2009/SymantecNetworkAccessControlStarter_english.pdf


  • 8.  RE: What are the extra benifits I will get if I use SNAC with SEP

    Posted Jul 26, 2009 10:02 AM
    addition to those above:

    It provides basic user management. You're at the command prompt of all clients, you can run scripts (cmd, vbs, powershell), collect information, get the juice out of your network

    you imagine ! :)