Meraki Expands Cloud Networking with NAC
February 24, 2011
Cloud-managed networking gear expands with new security features and a 900 Mb/s access wireless access point.
Networking vendor Meraki is updating both its software and hardware this week expanding security and performance. Meraki develops cloud managed network routers and Wi-Fi access points.
On the software side, Meraki's hardware is based on a hardened Linux operating system at its core. As part of the new update, Network Access Control ("NAC") is being added to the Meraki platform in an effort to help further secure enterprise IT assets. Kiren Sekar, director of marketing at Meraki told InternetNews.com that customers like the idea of NAC, though in his view it hasn't gone mainstream due to complexity issues.
NAC technologies have been around for years as a way to help validate the security status of connected endpoint devices. There are a number of standards in the NAC space, most notably IETF NEA (Network Endpoint Assessment) which promotes interoperability across Cisco NAC and the Trusted Computing Group's TNC specifications. According to Sekar, the Meraki NAC implementation is compatible with other NEA implementations.
The Meraki NAC solution performs a pre-admission check which validates that the endpoint has up- to-date security software in place before the device is allowed onto the network. Many companies in the NAC space have moved beyond pre-admission to include post-admission checks as well, to ensure that devices remain in policy after they connect. Sekar noted that the Meraki solution is currently only for pre-admission.
Meraki NAC is enabled on endpoints by way of a Java agent that needs to be installed on the devices. As a client-side technology, Java has been noted by multiple security vendors including Cisco and Qualys for usually being the most out-of-date technology on PCs. Since Java is often not updated by users, users and their PCs are at more risk from Java exploits. Sekar was unable to comment about whether or not Meraki's NAC solution checks to see if the endpoint is using an updated version of Java and if that affects the efficacy of the NAC solution..Sekar noted that beta customers of the NAC solution have been happy with the feature set, though it could be expanded in the future.
"This is included at no additional cost with our wireless LAN and routers," Sekar said. "So if someone is evaluating this they aren't comparing it against a NAC solution they would go out and purchase separately."
Meraki offers its products on a pay as-you-go subscription model, which includes both hardware and updates.
The company is also introducing a new top-of-the-line MR24 access point. According to Merkai, the MR24 has a total multi-radio capacity of 900 Mb/sec.
"This is the first enterprise access point to ship with three-stream MIMO technology, which is a way for each of the radios to use three antennas at once," Sekar said.
Sekar said Meraki's strategy is to continue to integrate more parts of the network that can be complex for enterprises to manage and deploy into the Meraki platform.