• 09/29/2007
    4:00 AM
  • Network Computing
  • News
  • Connect Directly
  • Rating: 
    0 votes
    Vote up!
    Vote down!

NAC Success Depends On A Solid Foundation

To succeed with network access control, lay the groundwork. Develop policies and inventory your current security infrastructure to maximize integration.
What's that? Your CEO played golf with a sales rep and is ready to cut a check for a pile of new network access control gear?

Don't clear space on the loading dock just yet--the most difficult part of NAC is developing the policies that will determine when and how computers may access network resources. Policy development must be completed before you even consider product features.

InformationWeek Reports

NAC policies require that computers have the latest patches and are in an acceptably secure configuration for the tasks they're trying to perform and the data they're attempting to access. Based on how a computer lives up to these preset requirements, access controls determine the servers and services it can access. An enforcement component can ensure that an out-of-spec system is directed to an update site or given access to the Internet only.

The Opportunity
>> COST CUTTING Save money and integration time by selecting NAC products that work with your existing infrastructure. Generally, out-of-band NAC doesn't entail a per-client cost.
>> INNOVATION Rather than controlling access at the network edge, consider flipping your model by centralizing resources in a well-protected data center.
>> KEYS TO SUCCESS Know what problem you want to solve, and ensure that your NAC system supports required assessment and enforcement methods.
NAC policies contain two distinct parts: conditions, such as computer configuration, user name, or patch status, and actions that define how a system is controlled, such as forcing the computer to change its configuration or making a user log in or apply missing patches. Any of those actions may require a computer to access a server connected to a quarantine network. But what if a user is unable or unwilling to update? Say your high-priced business consultant refuses to perform remediation to conform with your policies. What then?

We welcome your comments on this topic on our social media channels, or [contact us directly] with questions about the site.

Log in or Register to post comments