Rolling Review Kickoff: Host-Based NAC: Page 2 of 4

WATCH OUT FOR THAT WORM
NAC vendors across the board say worm containment is a top driver. The idea is that assessment during and after network connection will pinpoint infected nodes. The NAC system can then take action, moving the host to a quarantine network or forcing upgrades and cleaning before it's allowed back on the network. The big "if" here is properly detecting infections in the first place--not an easy task because more-invasive malware disables antivirus and other security software.

Still, if your goal with network access control is to restrict user activity, what better place to apply policy than on the host itself? Many host-based NAC software suites combine anti-malware, desktop firewall, and application access control, at a minimum, to protect hosts from malicious software ... and from the person at the keyboard. We know that antivirus software can identify only that malware for which it has signatures, meaning new viruses are often undetected. In contrast, desktop firewall software not only blocks network traffic attempting to access the host, it can also limit how host applications can access the network. Application access control is not new--it's been in desktop firewall software for years--but the relevance to NAC is evident: If an application is unable to send e-mail or connect to IRC, or make any network connection, for that matter, its adverse impact is mitigated. The malware must still be removed, but you've bought yourself time.
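The sketch below is an added example, not code from the article or from any NAC product. It shows default-deny application access control applied to outbound connection attempts, with denied attempts collected per host as a signal that cleanup is needed. The policy table, executable paths, host names, and events are all constructed assumptions.

```python
from dataclasses import dataclass

# Hypothetical centrally managed policy: executable path -> allowed (protocol, remote port).
# Anything not listed is denied (default deny), so unknown binaries get no network access.
POLICY = {
    r"C:\Program Files\Mail\mailclient.exe": {("tcp", 25), ("tcp", 993)},
    r"C:\Program Files\Browser\browser.exe": {("tcp", 80), ("tcp", 443)},
}

@dataclass(frozen=True)
class Attempt:
    host: str
    exe: str
    proto: str
    port: int

def decide(attempt, policy=POLICY):
    """Return (allowed, reason) for one outbound connection attempt."""
    allowed_ports = policy.get(attempt.exe)
    if allowed_ports is None:
        return False, "application not in policy"
    if (attempt.proto.lower(), attempt.port) not in allowed_ports:
        return False, "port not permitted for this application"
    return True, "permitted"

def review(attempts, policy=POLICY):
    """Apply the policy and collect hosts with denied attempts for follow-up."""
    decisions, flagged = [], {}
    for a in attempts:
        ok, reason = decide(a, policy)
        decisions.append((a, ok, reason))
        if not ok:
            flagged.setdefault(a.host, []).append(f"{a.exe} -> {a.proto}/{a.port}: {reason}")
    return decisions, flagged

# Constructed sample events, as an agent might report them to the management server.
SAMPLE = [
    Attempt("laptop-17", r"C:\Program Files\Mail\mailclient.exe", "tcp", 25),
    Attempt("laptop-17", r"C:\Users\pat\AppData\Local\Temp\svch0st.exe", "tcp", 25),
    Attempt("laptop-17", r"C:\Users\pat\AppData\Local\Temp\svch0st.exe", "tcp", 6667),
    Attempt("desktop-04", r"C:\Program Files\Browser\browser.exe", "tcp", 25),
    Attempt("desktop-04", r"C:\Program Files\Browser\browser.exe", "tcp", 443),
]

if __name__ == "__main__":
    for host, reasons in review(SAMPLE)[1].items():
        print(host, "needs review:", *reasons, sep="\n    ")
```

The unlisted binary is blocked on both the SMTP and IRC ports even though no antivirus signature identified it, and the browser's attempt on port 25 is denied because the policy is per application, not per port.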

Considering that many network access control products let a host onto the network in order to assess it anyway, a host-based NAC product squelches problems at the source.

One sticking point: IT often shies away from agent technology. Yet nearly all NAC products use some form of agent for host assessment and login tracking. So-called "dissolvable agents" are ActiveX or Java components that must be downloaded and executed on the user's computer, often with Power User or local Administrator rights. Moreover, unlike network-based NAC products that sit in line or out of band, the protective measures inherent in host-based systems travel with the computer, so a laptop is equally protected from attack at the coffee shop down the street as it is on the corporate LAN.

Impact Assessment: Host-Based NAC
THE REQUIREMENTS
The critical factor for successful host-based network access control is centralized management. That includes agent deployment, configuration, reporting, and troubleshooting. The last thing you want is users making decisions about what should or shouldn't be allowed to run.