Elemental Security, Inc., the award-winning pioneer of new technology in enterprise information security, today at Interop Las Vegas 2006 announced a new approach to network access control (NAC) for enterprises, one that integrates access controls with a broad policy and risk management framework. The Elemental Security Platform (ESP) is the only product today offering this functionality, due to its unified infrastructure tying in policy, configuration management, and inventory management with access controls. This unique solution is being publicly demonstrated this week in Elemental’s Booth No. 913 in the Security Zone on Interop’s show floor.
Managing access controls in large ever-changing networks continues to be a challenge. ESP provides a policy-based approach which is seamlessly integrated with access controls that are granular, adapt to observed change, and are continuously updated. Elemental’s policy and risk management product enables enterprises to continuously monitor machines’ configuration, inventory, activity, and policy compliance. With ESP, enterprises can now integrate the access controls necessary to protect key systems and information, satisfy their internal security objectives, and assure compliance with regulatory requirements. Additionally, ESP supports this unified policy infrastructure and access control capability across a wide array of operating systems, including Windows, Solaris, HP-UX, AIX, Mac OS X, and Linux. This assures that policy management and the implementation of access controls are pervasive throughout the network.
“Elemental provides a complete network access solution, which ties in security policy management, configuration management, and inventory management into its network access control system,” writes Robert Whiteley, senior analyst, in the June 2005 report “Choosing The Right Network Quarantine Solution.” “As a standalone network access solution, it assesses managed and unmanaged devices, using its client-side agent to act as a policy firewall in controlling access. Elemental dynamically groups network resources, and role-based policies are automatically assigned as host group membership changes. If a noncompliant user is detected, then Elemental blocks that user at the client level.”
ESP enables security administrators to restrict access of managed and unmanaged machines (such as guest workers), unauthorized personal devices, and machines outside of the network. Unlike labor-intensive and error-prone traditional solutions – such as perimeter gateways; infrastructure-level ACLs, application and file permissions; and personal firewalls – ESP provides automation and ease of administration through dynamic host groupings that allow role-based access controls to be extended throughout large organizations, decreasing the administration burden of controlling access and allowing companies to better manage risk.
“It’s a difficult problem to solve, but Elemental offers a new approach to role-based access controls, one that has been validated by customers, analysts and competitive reaction as differentiated and needed in today’s ever-changing environments,” said Elemental Chief Marketing Officer Roy Agostino. “Elemental delivers a unified view into a user’s identity, applications running, hardware used and more, and this level of transparency increases an organization’s knowledge about the changing state of their networks, leading to better decisions on how to address any issues. At Elemental we understand the dynamic nature of the network and we are unique in helping enterprises manage their security and risk with our automation, dynamic grouping, and policies that are tightly coupled with access controls.”
Elemental provides the world’s only security policy system built from the ground up to make the state and activity of users and computers fully transparent, enabling customers to directly translate their business objectives into specific policies for all users and systems on their networks. Elemental unifies policy management, host configuration, inventory/discovery and role-based access control in one seamlessly integrated offering. Using Elemental, security administrators can easily assess the security posture of machines and networks, and make proactive decisions about managing risk. Security policy and compliance management continue to be top priorities due to increasing frequency and severity of security breaches, and regulations such as Sarbanes-Oxley (SOX), the Payment Card Industry (PCI) Data Security Standard, and the Health Insurance Portability and Accountability Act (HIPAA).
Elemental also partners with large infrastructure companies and complements their network-level admission control solutions. ESP shares compliance results with infrastructure solutions at the time of admittance, and continuously monitors those same policies after machines are allowed on the network. This layered protection assures that machines are compliant before getting on the network, and that they remain compliant once connected. Computers that fail to meet the required compliance threshold can have their access to key systems restricted by ESP until any issues are corrected.
The Elemental Security Platform
The Elemental Security Platform is an enterprise security software solution that enables organizations to manage the policies and risk for any computer connecting to the network. ESP is a client-server security system that provides broad visibility into all hosts in the enterprise and the means to control them through auto-deployed security policies. The system consists of the ESP server and ESP agents running on desktops and server hosts throughout a network. Its architecture is unique in its ability to detect, monitor and control hosts with or without ESP agents running on them. The product has earned numerous industry awards, including InfoWorld’s 2006 Technology of the Year Award, Information Security’s 2006 Product of the Year Award, and Network World’s 2006 Category Breaker Award.
Elemental is an industry leader in enterprise policy and risk management. Using its award-winning Elemental Security Platform (ESP), organizations can directly translate their business objectives into specific policies for all users and systems on their networks. For the first time, enterprises can use a single product to obtain measurable and comprehensive metrics for their security policy needs and compliance requirements. Founded in December 2002, Elemental is a privately held company backed by Bessemer Venture Partners, Mayfield, Sequoia Capital and Lehman Brothers Venture Partners. Red Herring and AlwaysOn awarded the company their annual awards for the top private companies. Elemental was also named the “Most Innovative” company at the RSA Conference 2006, and earned 2006 “Private Security/Start-up to Watch” honors from Red Herring and Network World. The company is headquartered in San Mateo, Calif., and has offices throughout the U.S.
Elemental and the Elemental Security Platform, among others, are trademarks or registered trademarks in the United States and certain other countries of Elemental Security, Inc. Additional company and product names may be trademarks or registered trademarks of other individual companies and are respectfully acknowledged.