Content

McAfee Network Access Control

McAfee Network Access Control product shot
Protect your network from noncompliant or infected systems

Noncompliant, infected, or misconfigured systems pose security risks and incur costs due to system downtime and restoration. Even one infected host on the network cause disruptions to network bandwidth or can infect other compliant systems. Boost NAC with McAfee Network Security Platform to protect high-risk areas on the network by identifying, quarantining, and remediating any infected device.

Tab Navigation

Benefits and Features

Benefits:

  • Minimize risk of outbreaks while allowing for policy flexibility
    Protect your network from zero-day threats and infected guest devices; monitor the network continuously for threat assessment and attack behavior originating from all types of devices
  • Minimize exposure from noncompliant, infected, or misconfigured systems
    Allow only authorized devices to have network access: enforce compliance by scanning devices to test their overall security posture as they attempt to log onto a network
  • Reduce downtime and risk
    Guard against infections and vulnerabilities from mobile devices; identify and quarantine misconfigured systems and company laptops that fall out of compliance; enforce network access decision at the system level; remediate noncompliant devices automatically
  • Make intelligent decisions based on real knowledge
    Gain visibility of system and network threats with efficient security collaboration; breakthrough McAfee ePolicy Orchestrator® (ePO™) integration provides real-time visibility of actionable system host details, as well as the most relevant host IPS, anti-virus, and spyware events
  • Leverage your existing network infrastructure
    Deploy to all ePO-managed systems in your network infrastructure without hardware replacements; get continuous, broad protection that keeps up with the latest threats using the advanced version of McAfee Total Protection for Endpoint Advanced, which includes NAC; manage it all from a single, centralized console.

Features:

  • Dynamic NAC with McAfee Network Security Platform
    Protect the internal organization from the threat of remote access, high-risk branch offices, or guest wireless networks by identifying, quarantining, and then remediating any infected device
  • Flexible and powerful remediation options
    Minimize helpdesk calls and make faster fixes on managed systems with automated remediation; for unmanaged systems, go to a user-directed remediation portal for quick results
  • Broad enforcement options
    Select from a variety of enforcement strategies, thanks to integration with ePO and a flexible architecture; manage "unmanaged" systems that cannot run agents with integrated McAfee Network Security Platform; and enjoy the added enforcement options of Microsoft Network Access Protection (NAP), such as 802.1X, DHCP, VPN and IPSec.
  • Centralized management and control
    Manage and control access to your network, along with your other system security protection, through a single console with ePO; get a bird's eye view or all the details about hosts and define policies; retrieve centralized reports of failed compliance checks and remediation action
  • Protection from non-Microsoft Windows devices
    Monitor and assess threats and attacks from any device, including Macintosh and Unix systems and devices with embedded operating systems, like VoIP phones, printers, faxes, and copiers

Testimonials

“We’re a pretty small team, with a demanding user community. By deploying McAfee, we added needed protection without diverting scant time and energy from our existing IT projects. It seems like security only gets more complicated—McAfee helps us keep it manageable.”

—Greg Hopke, Information Security Specialist

Description:

Mobility, mergers and acquisitions, and offshore partnerships mean greater flexibility but also increased risk. One noncompliant, infected, or misconfigured laptop on your network can cost you significant time and money: system downtime, loss of reputation, regulatory fines, frustrated customers, and IT support for restoring systems.

With the volume of noncompliant systems on your network growing quickly, it’s no wonder that you have so many concerns when it comes to network access control (NAC). Do users with administrative rights disable protection software before connecting or while connected to your network? Are company laptops likely to miss critical security updates or patches while disconnected from the network? How do you identify, quarantine, and remediate infected systems already on your network? What infrastructure upgrades do you need to deploy NAC?

Traditional network access control (NAC) systems promise to scan devices as they try to log onto a network to test their overall security posture. But enterprises are also looking for NAC protection against hidden attacks by monitoring devices after they’ve been granted access.

What’s the answer? McAfee Network Access Control (MNAC) mitigates risk to corporate assets posed by systems that don't comply with your security policies. It combines powerful yet flexible policy control with a wide range of enforcement methods to protect your network.

Extend the power of NAC with McAfee Network Security Platform to protect remote access, high-risk branch offices, and wireless networks from infected workstations, servers, non-Microsoft Windows machines, or handheld devices. Identify, quarantine, and remediate attack vectors before they spread. The McAfee ePolicy Orchestrator® (ePO™ ) management console gives you visibility and reporting on PCs used by guests or contractors, so that you can trigger anti-virus protections or automatically deploy an ePO agent to these systems.

System Requirements:

  • Hard Drive: 500 MB (first-time installation); 1 GB (upgrade); 2 GB recommended
  • RAM: 512 MB RAM; 1 GB recommended
  • CPU: Pentium compatible; 450 MHz or higher
  • Microsoft Windows 2000 Server/Advanced Server with Service Pack 3 or later, Microsoft Windows 2003 Enterprise/Standard/Web Service Pack 1 or later

McAfee Network Access Control server

The hardware requirements for the McAfee Network Access Control server are the same as for the ePolicy Orchestrator 4.0 server. When adding McAfee Network Access Control, we suggest using the recommended hardware configuration rather than the minimum configuration. For details, see the ePolicy Orchestrator 4.0 documentation.
The software requirements are:

  • ePolicy Orchestrator 4.0 with patch 2 installed
  • Rogue System Detection 2.0 or later

McAfee Network Access Control client

Systems on which you install the Network Access Control client must meet these requirements.
Memory: 512MB or higher RAM
• McAfee Agent 3.6 patch 2 or later

Operating System:
• Windows 2000 Professional, Service Pack 4
• Windows 2000 Advanced Server, Service Pack 4
• Windows 2000 Server, Service Pack 4
• Windows 2000 Terminal Services, Service Pack 4
• Windows XP Professional, Service Pack 2 or later
• Windows Server 2003 Enter-prise, Service Pack 1 or later
• Windows Server 2003 Standard, Service Pack 1 or later
• Windows Server 2003 Web, Service Pack 1 or later
• Windows Vista, all versions