- IE 8 hits Beta 2, privacy features added
- 10 Firefox add-ons for better browsing
- Cisco buys PostPath
- 595 immigrants arrested at electronics plant
- Locked iPhones can be unlocked without password
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
It looks like Juniper is following through on its promise to support NAC in its new EX LAN switches.
In Network World tests the switches demonstrated the ability to restrict authentication via 802.1x, which is considered the most secure and scalable method of NAC authentication. (Compare NAC products)
The test found that the switches can authenticate multiple or individual devices per port, to static or dynamically assigned virtual LANs (VLAN) or via dynamically applied access control lists.
In addition, the switches can authenticate based on media access control (MAC) addresses, which comes in handy for devices that don’t have 802.1x agents on them such as printers and IP phones.
Here’s exactly what Network World tester David Newman had to say:
“Considering Juniper's longtime advocacy of NAC, it's not surprising that the EX 4200 did well in our authentication tests.
The switch passed all six scenarios, five of which used 802.1X. These tests examined authentication into a statically defined
VLAN; authentication of multiple clients per port; authentication into a dynamically allocated VLAN; authentication with dynamically
applied access control lists (ACL); and placement into a restricted VLAN upon authentication failure.
“In the ACL test the switch applied rules previously defined on the switch; this is far less cumbersome than the approach taken by some other switches, where ACLs must be entered into the RADIUS server then returned to supplicants during authentication.
“The switch also passed a sixth test involving authentication by a MAC address; this scenario represents the case where an end-station, such as a printer, lacks 802.1X supplicant software. One catch here was that the switch's CLI did not display clients currently authenticated by MAC addresses, as it did with 802.1X-authenticated clients. Juniper says it expects an August software release to remedy that.”
The full Network World review of the EX switches can be found here.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask to prospective vendors to get the right endpoint solution.
Download the white paper.
Unauthorized applications: Taking back control
Employees installing and using unauthorized applications like IM, VoIP, games and peer-to-peer file-sharing applications cause many businesses serious concern. How do you control these applications?
Download the white paper.
Comments (2)
Slow news weekBy Anonymous on July 22, 2008, 1:40 pmWhat's the logic behind summarizing an old switch test and dressing it up as news? Have Juniper have started "sponsoring" NWW to get favorable coverage the same...
Reply | Read entire comment
WowBy Anonymous on July 22, 2008, 9:14 amWow switches that can authenticate on MAC addresses! Thats new!
Reply | Read entire comment
View all comments