IT SOLUTIONS
Network Access Control
Fast emerging as the new front-line defense for enterprises as they struggle against the ballooning volume of malware, spyware and other security threats
What is NAC all about?
The act of keeping unauthorised users and devices out of a private network is known as Network Access Control.
NAC (Network Access Control) is fast emerging as the new frontline defense for enterprises as they struggle against the ballooning volume of malware, spyware and other security threats – not to mention the pressure of user demands for access at any time and from anywhere in the world.
The biggest problem now is with machines and devices that access the network that are already infected, or that are vulnerable to infection. Traditional security methods don’t work so well in those situations, and NAC provides that extra layer of protection.
NAC is not necessarily an easy technology to work with, though vendors have introduced appliances that are simpler and less costly to deploy. Whatever route organizations take, however, NAC offers them a powerful way to both boost their overall security and cut down on support costs.
It’s more of a process that identifies the status of network endpoints before it accesses the network and then, afterward, monitors them to make sure they remain compliant with security policies and configurations.
Implementing NAC will conversely affect how security policies are developed and deployed on desktop and portable devices and the software that runs on them. It could also involve upgrades to network infrastructure such as switches.
Majority of organizations would want NAC to help block viruses, intercept external attacks, stop spyware and malware from infecting their systems and block email attacks.
What is NAC?
Network Access Control (NAC), also called network admission control, is a method of bolstering the security of a proprietary network by restricting the availability of network resources to endpoint devices that comply with a defined security policy.
A traditional network access server (NAS) is a server that performs authentication and authorization functions for potential users by verifying logon information. In addition to these functions, NAC restricts the data that each particular user can access, as well as implementing anti-threat applications such as firewalls, antivirus software and spyware-detection programs. NAC also regulates and restricts the things individual subscribers can do once they are connected. These subscribers can be employees, guest users or partners.
NAC is ideal for corporations and agencies where the user environment can be rigidly controlled. However, some administrators have expressed doubt about the practicality of NAC deployment in networks with large numbers of diverse users and devices, the nature of which constantly change. An example is a network for a large university with multiple departments, numerous access points and thousands of users with various backgrounds and objectives.
Why You Need NAC?
The security threats facing the enterprise are much more numerous and sophisticated now than they were back in the days when putting up a firewall to stop potentially hostile traffic from penetrating the perimeter was deemed sufficient. Malware, spyware and phishing attacks now come in all kinds of disguises, and it’s hard for any one defense to stop them.
The potential sources for the bad stuff have also increased as the enterprise itself has become a much fuzzier entity — and therefore, much harder to guard. With the globalization of business, customers and partners from anywhere in the world now require access to the network.
The increasing mobility of the work force and the explosion of wireless technologies also means that an organization’s own employees also expect to have anytime, anywhere access.
Devices and users are increasingly beyond the direct reach of enterprise security, the danger comes from systems that are already infected and are vulnerable. Such systems might not be compliant with the organization’s security policies or up-to-date with such things as operating system patches. And it only takes one infected host on a network to cause disruptions or infect other hosts.
NAC promises the best chance yet to cut down on these hazards. By stopping any infected or noncompliant device from accessing the network, and by offering a way to automatically bring those devices into compliance, it ensures a much cleaner and less risky host environment.
Married with other security services such as an intrusion detection and prevention system, NAC also allows those devices to be continuously monitored once they are on the network in order to make sure they stay compliant.
As organizations that have already deployed NAC are discovering, the technology can also boost productivity. Because of the security concerns about such things as wireless and mobile devices, many organizations have decided to simply ban their use, even though they can help employees do their jobs better. NAC means that those bans can now be dropped.
NAC is increasingly seen as the best first line of defense for enterprise security.
