ConSentry upgrades its threat engine

New correlation features, dashboards help spot trouble.

ConSentry is introducing a new version of software for its intelligent switches that adds a permanent agent for assessing endpoint posture and can assess what Windows operating system patches have been applied.

New software for the company's LANShield intelligent switches and its LANShield Controller access-policy appliances also enables automatic remediation of shortcomings discovered via endpoint assessments.

Previously ConSentry gear performed posture checks of endpoints using a downloadable agent that dissolves when devices log off and that requires the machines' browsers to be turned on. The new permanent agents are meant for managed corporate machines and can perform their job with browsers turned off.

Before, the devices could send instructions to users about where they could update their laptops and desktops if they were found lacking by endpoint assessment. Now the software can divert the machines directly to sites where they can download the required upgrades.

The software can assess a broader range of threats and a more comprehensive body of data gathered by ConSentry devices, then send alerts based on policies set by customers. It can blend data about user, application, protocol, port, URL, time of day and so forth to create a policy that will send warnings. For example, if a particular user tries to access a certain protocol after business hours, the device could send an alert.

This capability will be used to support new targeted dashboards. A new NAC dashboard, for instance, displays the authentication status of all devices on the network or trying to get on. It shows several other statistics about the devices such as a breakdown of the specific shortcomings of the devices that have been denied access, as well as their general posture status -- unhealthy, unknown, unscanned, etc.

Administrators can click on any category for a listing of each device that falls into that category.

These new capabilities can help troubleshoot network problems as well as identify unauthorized devices and use of rogue applications, the company says.

Tags consentry

Show Comments