Avenda Adds Non-802.1x Agents to NAC Appliance Software

Avenda Systems will shortly be rolling out enhancements to eTIPS, its network access control appliance. Expected in early November 2010, the updates include OnGuard, a set of network access agents, and enhanced features in the company's guest management application.

Deployed in conjunction with eTIPS version 3.5, also due in November, the OnGuard agents provide identity and health checks for environments that are incompatible with 802.1x, such as older versions of Mac OS X, Linux, or Windows operating systems. This will allow campus IT administrators to manage those devices alongside 802.1x devices in controlling access to peer-to-peer applications and services through their networks to help ensure the health of devices getting onto the network and to send network notifications to users. For example, if a user is caught violating media copyrights or is running a device with out-of-date anti-virus, anti-spyware, or firewall settings, IT can deny network access to that device and send a message that appears on the screen at set intervals warning that person to take corrective actions to bring the machine up to standard.

"The enforcement of peer to peer policies always comes up when we talk to higher ed prospects," noted Trent Fierro, director of marketing. "Now you can go in and create a policy: 'I will allow this and I won't allow that,' even being specific about what types of peer to peer apps kids can use."

If a user is doing something not allowed by the school, IT can bounce the person off the network and send a message that pops up on the user's screen, with information about how to regain network access.

Currently, in order for non-802.1x devices to be authenticated, the user is forced to use a Web portal for login. "A lot of people don't like to do that," Fierro pointed out. Users tend to assume that once they've logged onto their computer, they'll have access to the network, he said. "But we were forcing customers to do an additional login, like you're logging into a hotel or an airport network." There's big pushback from people who don't want to do that, he added.

Under the new scheme that uses the persistent agent technology, the IT person can capture information about the user, the services they're running, the types of applications they're using, and the health aspects of the machine. "What this means is that I can do a mix of 802.1x and non-802.1x and get the same kind of information. That opens it up. You're maintaining the same kind of policies now for both types of environments, which you couldn't do before," Fierro said.

OnGuard also addresses the challenge of performing health checks on devices connecting to the campus network through a virtual private network. This will replace the need for Avenda Edge in environments running eTIPS version 3.5.

One unnamed campus customer requested the ability to use the agents strictly for health assessments. For that reason, the agents can handle both identity and health checks or just health checks alone. "They want to check against their Active Directory for the identity of the person, but they want to use eTIPS for the health component," Fierro said. "They're not going to modify their approach to policies. They're going to use eTIPS to go back and say, is this user running anti-virus? What level? When was it last run?"

Avenda has also said it would add Web-based authentication features to eTIPS 3.5 for environments running Meru Networks wireless controllers and Cisco Ethernet switches.

The company has bolstered GuestConnect to provide for tiered approval flow in eTIPS' guest registration application. This feature will let the IT administrator designate various levels of permission for set-up of guest user access based on user role. The application also includes a function for users to add their own endpoint MAC addresses to the system, which will allow approved devices to be tracked and managed by IT without IT intervention.

About the Author

Dian Schaffhauser is a former senior contributing editor for 1105 Media's education publications THE Journal, Campus Technology and Spaces4Learning.

Featured

  • Case Systems makerspace

    Case Systems Launches Line of K–12 Makerspace Installations

    Case Systems recently announced the launch of SALTO, a line of classroom fixtures and installations for K–12 learning spaces like STEM labs, art rooms, and makerspaces. The product line is designed to provide teachers with flexibility and adaptability, enabling them to shift between collaborative and individual learning environments.

  • stylized illustration of two children engaged in engineering activities, one using a tablet and the other assembling mechanical parts like gears and pulleys, set against a colorful background with abstract shapes

    Applications Open for DiscoverE STEM Grant Opportunities

    Discover Engineering is accepting applications for Engineers Week and Girl Day 2025, two grant opportunities dedicated to inspiring the next generation of innovators through experiential learning in the field of engineering.

  • Geometric illustration of colorful robotic toys with distinct features like heads, arms, wheels, and antennas on a light gradient background

    KinderLab Robotics Expands Curriculum to Serve Upper Elementary Students

    KinderLab Robotics has expanded its STEAM robotics offerings with a new curriculum to develop computational thinking and computer science skills for students in grades 3-5.

  • teacher and children working with a LEGO Education Science kit

    LEGO Education Debuts Science Kits for Hands-on Learning

    LEGO Education has announced a new learning solution to engage students in hands-on science learning. Available in three kits by grade band, LEGO Education Science provides 120-plus standards-aligned science lessons, teacher materials, and select LEGO bricks and hardware.