Skip to content


Nevis Networks extends network-based identity access control to remote and branch office users

Mountain View, Calif. – December 18, 2006 – Nevis Networks, a market leader in a new class of comprehensive enterprise LAN security solutions, today announced a major new operating system release for its LANenforcer security appliance that can now enforce identity-based access control, threat containment and endpoint compliance verification for individual users accessing LAN and data center resources from wired, wireless, remote and branch locations. The company is also announcing a new, appliance-based version of its LANsight One security manager that provides a security hardened, high-availability platform to centralize and greatly simplify advanced monitoring, policy management and reporting.

Nevis’ new LANenforcer operating software and management appliance will significantly reduce the cost and complexity of LAN security by providing customers with a single appliance and centralized management system to secure individual users, regardless of how they enter the LAN core. By adding a “layer 3 aware” capability, the LANenforcer security appliance can now verify endpoint security postures, authenticate log-ins, and enforce flexible policy-based network and application access control on an individual user basis, regardless of the source of their network connection. The LANenforcer’s new operating system permanently binds an individual user’s identity to their IP or unique MAC address as they authenticate their identity upon logging into the network. This eliminates the opportunity to masquerade a user identity and ensures only legitimate users can access authorized resources. By extending its comprehensive LAN security capabilities to remote and branch office locations, Nevis is expanding its market opportunities significantly, especially among retail, education and multi-campus enterprises.

“With nearly 80 percent of the workforce now working outside of corporate headquarters, the need to secure remote and branch office users seeking access to corporate LAN resources has never been greater,” said Chris Liebert, senior analyst, security solutions & services, Yankee Group. “What’s significant about solutions that effectively tie identification to policy based network rights at the point of authentication is that it effectively controls individual users across the entire spectrum of network connections. That’s going to help limit unauthorized access to corporate assets, which is of key concern to enterprises that have mobile and unmanaged users coming onto the network; savings on capital equipment expenditures; simplification of LAN security deployment efforts, and create much greater levels of security for distributed enterprises.”

By extending its identity-based network access control capabilities across multiple network connection sources, Nevis is fundamentally changing how enterprises create and enforce LAN security policies. Previously, enterprises had to create and apply separate polices for each type of network connection. The LANenforcer’s new operating software eliminates this cumbersome approach by enabling administrators to establish policy driven access controls that can be automatically applied at the network layer. “We’ve been deploying the Nevis LANenforcer security appliance to provide pre- and post-authentication network access control for over 40,000 student, teacher and staff users spanning more than 100 schools,” said Jeremy Hobbs, chief information officer with Upper Canada District School Board. “The LANenforcer’s new operating software is going to be extremely beneficial since we have to enforce access policies for a wide range of users who connect to the network from a wide variety of sources.” “Distributed organizations are clamoring for solutions that will help secure remote and branch office users when they try and access sensitive LAN resources, data and applications,” said Chris Scanlan, Southwest Regional Director of Accuvant; a Nevis security solutions provider. “That’s why adding layer 3 awareness to the LANenforcer security appliance is such an important development. We now have a LAN security solution that can extend the concept of a ‘personal DMZ’ out to remote and branch users, arguably the fastest growing user population requiring advanced identity-based network access control measures.” New LANsight One Appliance With the introduction of an appliance version of the LANsight One security management system, Nevis is providing customers with increased scalability, higher availability and ease of deployment.

The new LANsight One appliance can manage up to 3,000 concurrent users, a three-fold increase over the previous release. Featuring a new “dashboard” interface, administrators can gain instant visibility into the security posture status of endpoints throughout the network. Fully stateful failover functionality also means that there is no single point of failure in the Nevis solution, and maintains strict security policies with 5 9’s reliability and availability. New service distribution reports are also available that provide critical visibility into what services are being used by individual users across the network as a means of identifying trends, usage patterns and potential sources of misuse or suspicious activity.

The new LANsight One appliance also provides the ability to customize and format user visible messages related to user authentication and endpoint posture verification failures. This keeps end users informed throughout each step of the network admission process and greatly reduces help desk calls. “The axiom that ‘you can’t control what you can’t see’ is especially true in LAN security,” said Shane Buckley, chief operating officer with Nevis Networks. “By coupling a more powerful security management and monitoring system with extended LAN security support for fast growing remote and branch office locations, we’re positioning our LANsight One and LANenforcer solutions for accelerated and widespread adoption heading into 2007.”

About Nevis Networks
Nevis Networks provides innovative ASIC-based LAN security systems designed to help corporations protect information privacy and integrity, ensure network availability, and maintain regulatory compliance. With its patent-pending LANsecure™ architecture, the Nevis LANenforcer product family integrates NAC with the deepest threat containment at wire speed to create a “Personal DMZ” around every user on the LAN. Nevis was founded in 2002 by seasoned executives with strong track records in security, semiconductor design, and networking technologies, and has raised over $40 million from veteran Silicon Valley investors New Enterprise Associates, BlueRun Ventures, and New Path Ventures. The company is headquartered in Mountain View, California, with additional R&D centers in Pune, India and Beijing, China.