Avoid NAC Pitfalls with a Standards-Based Approach

Network Access Control (NAC) is one of the critical challenges in securing today's enterprise. How does an enterprise accommodate a variety of users with disparate access requirements, privileges, and levels of trust, in a single enterprise network? And how does one build a security framework that works with existing infrastructure, allows integration of multiple vendors' products, and creates a solid foundation for future growth?

The challenges include:

• Increasing network access requirements - for mobile users, unmanaged endpoints, demanding applications, and a diverse user community.

• Decreasing ability to ensure the security of an enterprise network due to ill-managed endpoints, explosive growth in vulnerabilities and shorter patch-to-outbreak windows.

• New breeds of threats are driving companies to evaluate NAC as a security solution.

The Trusted Computing Group (TCG) is an industry standards body formed to develop, define, and promote open standards for trusted computing and security technologies. TCG has developed an open architecture and standards for NAC, called Trusted Network Connect (TNC). It enables technology that helps ensure endpoint compliance with integrity policies at and after network connection. Open standards, designed to ensure multi-vendor interoperability across a wide variety of endpoints, network technologies and policies, can take the pain out of NAC deployment.

In an ideal world, NAC offers network protection, application-level access control, network visibility and monitoring (critical to compliance efforts), and role-based user access to handle all users.

In addition to a wide range of deployment considerations, NAC also introduces new challenges such as vendor lock-in, complexity, project scope and business disruption. In addition, the NAC market is still evolving and decisions made today must lay the groundwork for years to come.

Standards-based NAC provides risk mitigation for common enterprise security threats and can be used both to enforce and to demonstrate compliance with regulations such as PCI, HIPAA, Sarbanes-Oxley, etc. Internet drafts are also being developed by the IETF Network Endpoint Assessment Work Group.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

Organized Retail Crime (ORC) is a serious problem that has been on the rise for several years. The unprecedented event of the current pandemic will rival or even exceed any previous events. If COVID-19 by itself wasn't bad enough, add civil disturbance, bail reform, and the state of law enforcement, and you have a perfect storm.

Avoid NAC Pitfalls with a Standards-Based Approach

Blog Topics

Security Blog

On the Track of OSAC

Recent Comments

Insufficient information

Thankyou so much for sharing such an informative...

I just wish my mechanical lock had a...

security

Security

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog

Security Magazine

2020 August

Avoid NAC Pitfalls with a Standards-Based Approach

Blog Topics

Recent Comments

Blog Roll

Report Abusive Comment