Barracuda Networks VERSION SP4 manual Introduction, Endpoint Security and Network Access Control

Chapter 1

Introduction

1.1Endpoint Security and Network Access Control

With the advent of novel technologies, work habits have changed dramatically throughout the past decades. Notebooks and netbooks, smartphones and vast amounts of data easily portable on USB sticks and miniature storage cards, ubiquitous wireless network access, personal area networking, they all have attributed to the fact that endpoints in corporate networks have become an increasingly hard to control hazard.

Effective endpoint security today extends far beyond historical personal firewall and antivirus concepts. It still means protection of an endpoint against network threats using a host firewall and malware detection software, but extends the protection concept by a broader enforcement and validation of security policies that are specific to the identity of the device, the user and its current state. Powerful endpoint security concepts also necessitate full integration into an accompanying network access control framework.

Network Access Control (NAC) represents a novel technology aimed at guaranteeing that access to enterprise network resources is granted based upon authentication of the user and device as well as verification of the device's compliance with current security policies.

By default, a typical Network Access Control solution offers enhanced protection against malicious software and attackers, improved access control to the network for employees and guests, superior resource usage tracking, and a powerful policy adherence mechanism. As a consequence, the complexity of the network and the administration effort required is significantly reduced, a greater degree of integration among stand-alone security solutions is achieved, existing and potential security gaps are nicely closed, and a greater visibility of end-to-end security is provided.

1.2Introduction to Barracuda NG Network Access Client

Barracuda NG Network Access Client denotes Barracuda Networks' endpoint security and network access control (NAC) framework. Administered endpoint integrity and endpoint access is what Barracuda NG Network Access Client provides. In order to achieve this, it consists of client software

components1, server side components, which the client software periodically communicates with to have the health state of its underlying operating system verified and its network access rights assessed. Barracuda NG Firewalls can interpret that information and subsequently allow or deny network access attempts by the respective client.

1.Available for Microsoft® Windows XP (32 Bit) and Vista (32 Bit and 64 Bit) Windows 7 (32 Bit and 64 Bit)operating systems

4 Introduction