Networking

05:00 AM
Connect Directly
RSS
E-Mail
50%
50%

NAC's Missing Piece

The whole of NAC has centered around assessing an endpoint's health and controlling access by granting admission or enforcing quarantine. That's all well and good, but it's not really access

Is it too early in the nac game to start talking about revolution or evolution? The whole of NAC has centered around assessing an endpoint's health and controlling access by granting admission or enforcing quarantine. That's all well and good, but it's not really access control.

The problem with data security today is that access to resources is frequently not well-defined or controlled across a broad range of applications. It's impossible to centrally define a role with all the access controls for all the network applications a user might need because, quite simply, there are no common standards that all vendors--OSs, authentication systems and applications makers--adhere to. Sure, there has been work with SAML, but few systems support it.

NETWORK ACCESS CONTROL
Immersion Center

NEWS | REVIEWS | BLOGS | FORUMS TUTORIALS | STRATEGY | MORE

Many NAC products do take into account identity information before making an access decision, but the implementation is often coarse-grained--a host is managed or not, or the user is known. This is still not quite access control. The whole idea of "identity-based network access control" comes down to granting access within applications based on who you are. This is still beyond the purview of NAC as it is defined today. --Mike Fratto, mfratto@nwc.com

Comment  | 
Print  | 
More Insights
Slideshows
Cartoon
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Twitter Feed