Frank Andrus, CTO of the Concord, New Hampshire-based Bradford, said: We’re interested in working with other vendors in sectors such as SIM [security information management], IDS/IPS, and network infrastructure. Another area he mentioned as ripe for partnering is remediation and patching, which would suggest relationships with companies like PatchLink or BigFix might be on the cards.
The deal with Aruba, which is OEMing the Bradford technology in its own NAC offering, followed an announcement the NAC vendor made in July with Finnish security appliance vendor Stonesoft. However, Matthew Schmitz, Bradford’s director of product management, said the deal is not an OEM. It is for joint marketing and tighter integration, with us leveraging their IPS, he said.
This should enable the two companies to preach the gospel of post-NAC checking, keeping an eye on an endpoint’s behavior after it has been allowed onto a network, in case it is compromised during a session and needs to be blocked or quarantined after gaining access.
All the NAC vendors who have an IPS heritage, such as ForeScout and Mirage, tend to talk up the post-NAC aspect, not least to highlight the weakness of competitors who have only the initial access authorization, or pre-NAC, part of the technology.
In addition to partnerships, Andrus said Bradford is also planning to deliver more services on its product, citing as one example workflow. We could provide webpage services for guests and contractors for easier implementation, he said.
Our View
Bradford’s background is in selling NAC into the educational market where the need for controlling what machine can and can’t get onto a campus network is felt acutely for obvious reasons that might be referred to as cyberpromiscuity.
In February it unveiled NAC Director, which is its offering for the enterprise market, but that is a far more hotly disputed market, with a lot of bigger names, as well as a plethora of other small players, all seeking visibility and market share.
NAC, meanwhile, is rapidly reaching that stage in the life of a technology when it starts to disappear into the fabric, so the start-ups and minnows are signing OEM deals with bigger players in order to take their technology to a broader market than their budgets would allow.
Equally, a lot of players like PatchLink and BigFix have been growing their remit through acquisition and/or partnering, so Bradford’s ideas are at least likely to find willing listeners.