Avoid NAC Pitfalls with a Standards-Based Approach

Network Access Control (NAC) is one of the critical challenges in securing today's enterprise. How does an enterprise accommodate a variety of users with disparate access requirements, privileges, and levels of trust, in a single enterprise network? And how does one build a security framework that works with existing infrastructure, allows integration of multiple vendors' products, and creates a solid foundation for future growth?

The challenges include:

• Increasing network access requirements - for mobile users, unmanaged endpoints, demanding applications, and a diverse user community.

• Decreasing ability to ensure the security of an enterprise network due to ill-managed endpoints, explosive growth in vulnerabilities and shorter patch-to-outbreak windows.

• New breeds of threats are driving companies to evaluate NAC as a security solution.

The Trusted Computing Group (TCG) is an industry standards body formed to develop, define, and promote open standards for trusted computing and security technologies. TCG has developed an open architecture and standards for NAC, called Trusted Network Connect (TNC). It enables technology that helps ensure endpoint compliance with integrity policies at and after network connection. Open standards, designed to ensure multi-vendor interoperability across a wide variety of endpoints, network technologies and policies, can take the pain out of NAC deployment.

In an ideal world, NAC offers network protection, application-level access control, network visibility and monitoring (critical to compliance efforts), and role-based user access to handle all users.

In addition to a wide range of deployment considerations, NAC also introduces new challenges such as vendor lock-in, complexity, project scope and business disruption. In addition, the NAC market is still evolving and decisions made today must lay the groundwork for years to come.

Standards-based NAC provides risk mitigation for common enterprise security threats and can be used both to enforce and to demonstrate compliance with regulations such as PCI, HIPAA, Sarbanes-Oxley, etc. Internet drafts are also being developed by the IETF Network Endpoint Assessment Work Group.

In this webinar, we review the results of a benchmark study that asked security professionals about their past, present and future outlook on manned guarding. Want to know what your peers are saying about their weekly billed hours? Join us to find out!

Ransomware and the propulsion of the extortion economy has rapidly eclipsed into a national priority. Recently, we observed the catastrophic impact of a widescale ransomware attack impacting gas pipelines and raising national gas prices overnight.

Poll

Comparison Metrics

View Results

Poll Archive

Products

Effective Security Management, 7th Edition

Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics.

See More Products

Avoid NAC Pitfalls with a Standards-Based Approach

Blog Topics

Security Blog

On the Track of OSAC

Recent Comments

Insufficient information

Thankyou so much for sharing such an informative...

I just wish my mechanical lock had a...

security

Security

Blog Roll

Security Industry Association

Security Magazine's Daily News

SIA FREE Email News

SDM Blog

Get our new eMagazine delivered to your inbox every month.

Stay in the know on the latest enterprise risk and security industry trends.