Network security and management vendor Perfigo Inc. has announced a new product that helps network administrators prevent infected or unprotected machines from spreading viruses on a LAN.
The company's CleanMachines product, which is part of the company's SecureSmart Server appliance, identifies devices on the network that do not have up-to-date antivirus software, quarantining them before they obtain network access. The tool then instructs users to install the necessary patches and updates.
CleanMachines also maintains a list of machines that meet the organization's virus protection requirements. Once a device's security software is upgraded, the device is added to this list and granted network privileges.
"Guests and outside users that log on to a university wireless LAN can easily bring the network down if they have a virus," said Rohit Khetrapal, president of San Francisco-based Perfigo.
This fall, when California State University, Long Beach, began experiencing virus problems, the university turned to Perfigo. Steve La, the university's director of network services, said that Perfigo's ability to track those machines with up-to-date virus protection was an important feature, especially given the management challenges presented by the university's large user base, which includes more than 30,000 students, plus staff.
With the Perfigo system, before a client computer is allowed onto the network, its MAC address is cross-referenced with a list of pre-approved machines. If the computer's address is not on the list, access is denied and the user is directed to an intranet site that explains how to upgrade antivirus software and, if necessary, clean the device. Once that process is complete, the user is allowed back on the network.
La uses this strategy to guard not only the school's wireless LAN, but its wired one as well.
Using a list of clean users to help determine access is an important feature for this type of network security software, said Julie Ask, a senior analyst with New York-based Jupiter Research. "It ensures compliance with existing procedures," she said.
La, however, is never certain how many students are properly patching and cleaning their devices, because Perfigo's product does not provide that information. Also, he said that CleanMachines lacks detailed reporting capabilities, so he cannot quantify its effectiveness.
SecureSmart CleanMachines starts at $5,000 per SecureSmart Server.
FOR MORE INFORMATION:
Download our white paper on denial-of-service attacks.
Pose questions to security expert Puneet Mehta.