>> Host-based NAC relies on an installed host agent to assess and enforce access policy. Installed agents are centrally managed, and the access policy follows the host even when it's off-network. Unlike network-based enforcement mechanisms, host-based NAC can control not only what traffic passes to and from the network, but also which applications can use the network. For example, there's no reason why a workstation should have a program attached to the mail port. Fine-grained control of the host agent and limited interaction with the user are compelling reasons for host-based NAC. Of course, there is another software agent that has to be managed, and guest and contractor access is often not well supported. In addition, non-Windows hosts may not be supported.
Got That?
We've covered a lot of ground in this tutorial, and with forty-plus vendors in the NAC space (at last count) there's bound to be an excess of hype and hyperbole. Fundamentally, however, there are only so many ways to assess a host, and so many ways to enforce a policy. We will continue to expand this tutorial by diving deeper into the technology, testing products and challenging vendors.
Mike Fratto is a senior technology editor based in Network Computing's Syracuse University Real-World Labs and former editor in chief of Secure Enterprise. Prior to joining this magazine, Mike worked as an independent consultant in central New York. Write to him at [email protected].
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
There are many network courses that can address your present job's priorities and help you gain the needed skills to keep pace with industry changes and new technologies.
