NAC isn't the only show in town for network defense. Technologies and organizational processes including 802.1X for computer and user authentication, VPN encryption, strongly enforced desktop management policies to ensure that your hosts are properly configured, and proper role definition and application access controls can help achieve this goal. But even if you implement all these, you still have the roaming computer problem, and that's perhaps the strongest argument in favor of host-based NAC. Protect the computer while it's out of your control, then ensure it's not infected when it returns home.
Host-based NAC features like application access control and host firewalling of outbound as well as inbound traffic may keep malware like the Storm worm off your network, even if an individual system becomes infected. Today, host-based NAC makes most sense in cases where the majority of computers are company owned; the guest access issue is generally not well addressed, and in this Rolling Review we'll ask vendors about their plans in this area.
| Host-based NAC Rolling Review |
| THE INVITATION This Rolling Review will focus on NAC products that are installed on hosts and both assess system health and enforce NAC policies. Companies are looking at NAC as a way to protect internal resources and limit the activities that users and hosts can perform on the network. Binary policies that choose "on" or "off" based on host condition are often not robust enough to be effective. Rather, policies need to match acceptable access rules that allow users and devices to interact on the network while maintaining security. For this Rolling Review, our written policies and goals will reflect that reality. Similarly, enforcement decisions are not always "grant" or "deny." Rather, a variety of enforcement choices, like warning a user, starting an update in the background, limiting access to certain resources or quarantining hosts, should be available. We will test common scenarios, such as a conference room that is open to the public, an internal network segment that contains managed computers, and a remote worker. All testing is conducted under real-world conditions. We will assess products based on the following criteria:
|
Verizon is demoing crowd analytics technology that uses 5G along with AI and mobile edge computing to give stadium operators insights into the flow of fans throughout a venue.
As we move closer to fully realizing the potential of Wi-Fi 7, it becomes evident that the RF, signaling, and throughput tests are not merely procedural checkpoints but the pillars of excellence in wireless communication.
With low earth orbit (LEO) satellites fast becoming the norm and 3GPP unifying telecom standards around the globe, the satellite IoT and machine-to-machine (M2M) sector ought to be looking at a bright horizon. But is this the case?
