ENDFORCE Releases Informant to Protect Enterprises from Unknown Users Who Evade Security Rules to Gain Network Access

Informant Silently Monitors Network to Detect Unauthorized Endpoints and Instantly Alert Enterprises

RSA Conference, SAN JOSE (February 14, 2006) ― ENDFORCE, the leading independent provider of network access control software, today released Informant to give enterprises a solution for managing unauthorized, or rogue, endpoints such as users who know how to bypass security enforcement mechanisms to gain access to network resources.

Informant silently monitors the network to detect and alert enterprises when unknown endpoints connect to the network. Unknown endpoints include rogue users with malicious intent who can’t be controlled through network enforcement mechanisms. Informant is a companion product to ENDFORCE Enterprise, which protects networks from non-compliant endpoints, and is deployed on the network and passively monitors network communications through Address Resolution Protocol (ARP) and redundant software-based Monitors.

When an unauthorized endpoint is detected on the network, Informant sends a real-time alert to administrators, giving them the necessary time and information to eliminate these high-risk endpoints from the network.

"Unauthorized endpoints pose a major security risk for organizations," said Greg Moore, chief executive officer of ENDFORCE. "They are also a major headache for administrators because they are able to access enterprise networks where complete enforcement is not technically possible or feasible. When organizations use Enterprise and Informant together, they gain control over both known and unknown endpoints accessing the network, giving them greater power to defend their networks."

Informant includes the following features:

Innovative, Secure Architecture – Distributed software Monitors provide broad overlapping surveillance. The server-based correlation engine accepts information only from authorized Monitors. Monitors sit passively on the network so that rogue endpoints cannot evade detection. An intelligent Correlator processes data from all authorized Monitors using time-based throttling to provide concise alerting to eliminate alert flooding.

Real-Time Alerting – Stealth monitoring provides real-time alerting to give administrators an early warning so they can take immediate action when an unauthorized endpoint connects to the enterprise network. Integration with ENDFORCE Enterprise guarantees that no false alerts are issued.

Comprehensive Reporting – Contains pre-defined summary and detailed reports, including several reports for rogue endpoints, exempt endpoints and alert information.

Centralized Administration – Central Web interface makes it easy for administrators to exempt endpoints from alerting by MAC address, prefix or IP address, subnet or range. Endpoints managed by ENDFORCE Enterprise are automatically exempted by Informant, simplifying overall administration.

About ENDFORCE

ENDFORCE is a leader in secure network access control solutions. Leveraging CONTEXT Aware Authorization™ technology, this software-only, vendor-neutral framework protects corporate network resources from non-compliant or misconfigured endpoints, enabling enterprises to enforce endpoint security policies and control network access. ENDFORCE Enterprise™ works with existing network infrastructure to provide the most flexible and cost-effective solution for the deployment and ongoing management of endpoint security policies for fixed, mobile, wired or wireless endpoints.

As a member of Cisco NAC, Microsoft NAP, and Trusted Computing Group™ (TCG), ENDFORCE Enterprise works seamlessly with all major network equipment platforms. For more information about ENDFORCE or to request a trial of its flagship product, ENDFORCE Enterprise, call 866-777-2537.