What is Network Access Control (NAC) meant for?

Network Access Control (NAC) is an approach to computer security that attempts to unify endpoint security technology, user or system authentication, and network security enforcement.

It uses a set of protocols to define and implement a policy that describes how to secure access to network nodes by devices when they initially attempt to access the network. NAC may integrate an automatic remediation process into the network systems, allowing the network infrastructure (such as routers, switches and firewalls) to work together with back-office servers and end-user computing equipment to ensure the information system is operating securely before interoperability is allowed.

What level of control?

Checking only the end user is not enough. The device itself must also be checked, since it is at its most vulnerable when it requests access to the network. NAC therefore represents a new step in the definition of network access criteria.

Cyberattack strategies have evolved. Computers and other kinds of devices are fully capable of initiating malicious processes autonomously. When NAC performs admission control, it checks the user, authenticates the computer and also applies profile control to the computer.

The different components of the NAC protocol

NAC is a system comprising three main components:

  • A network access point’s control protocol
  • A network security policy server
  • A trust agent

What happens when a machine is trying to access the network?

  • The access point queries the agent and transmits the access request, together with information about the security posture, to the security policy server
  • If the request is consistent with the policy, the computer receives an address and gains access to the VLAN
  • If the infrastructure is outdated, it can be quarantined
  • In the case of quarantine, earlier backups can help to restore the computer and its data
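
The admission flow above, sketched as the decision function a security policy server could run on each request forwarded by the access point. This is an added example, not Nellsoft code: the VLAN numbers, thresholds and posture attribute names are assumptions, as is the choice to deny unauthenticated requests outright and to treat a missing agent report as a failed check.

```python
from dataclasses import dataclass, field
from typing import Optional

# Hypothetical policy values and VLAN ids, chosen for this illustration only.
PRODUCTION_VLAN, QUARANTINE_VLAN = 10, 999
MAX_PATCH_AGE_DAYS, MAX_AV_SIGNATURE_AGE_DAYS = 30, 7

@dataclass
class AccessRequest:
    user_authenticated: bool
    device_authenticated: bool
    posture: dict = field(default_factory=dict)  # as reported by the trust agent

@dataclass
class Decision:
    action: str            # "admit", "quarantine" or "deny"
    vlan: Optional[int]    # VLAN assigned by the access point, None when denied
    reasons: list          # policy violations, usable as a remediation list

def posture_failures(posture):
    """Return the policy violations; a missing attribute counts as a failure."""
    failures = []
    if posture.get("firewall_enabled") is not True:
        failures.append("host firewall not confirmed enabled")
    patch_age = posture.get("patch_age_days")
    if not isinstance(patch_age, int) or patch_age > MAX_PATCH_AGE_DAYS:
        failures.append("operating system patches missing or outdated")
    av_age = posture.get("av_signature_age_days")
    if not isinstance(av_age, int) or av_age > MAX_AV_SIGNATURE_AGE_DAYS:
        failures.append("antivirus signatures missing or outdated")
    return failures

def evaluate(request):
    """Check the user, then the device, then the device's security posture."""
    if not request.user_authenticated:
        return Decision("deny", None, ["user not authenticated"])
    if not request.device_authenticated:
        return Decision("deny", None, ["device not authenticated"])
    failures = posture_failures(request.posture)
    if failures:
        # Non-compliant machines are placed on the quarantine VLAN only.
        return Decision("quarantine", QUARANTINE_VLAN, failures)
    return Decision("admit", PRODUCTION_VLAN, [])

# Constructed sample requests: compliant, outdated patches, no agent report.
COMPLIANT = AccessRequest(True, True, {"firewall_enabled": True, "patch_age_days": 3, "av_signature_age_days": 1})
OUTDATED = AccessRequest(True, True, {"firewall_enabled": True, "patch_age_days": 120, "av_signature_age_days": 1})
NO_AGENT = AccessRequest(True, True, {})
```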

What reaction in case of attack?

Following the classic process, integrity control has to be completed while the computer is being connected to the network. If the machine is infected, or if it doesn’t provide the level of security you want to achieve, NAC can:

  • Quarantine the machine if it is not reliable and evaluate the seriousness of the attack
  • Counter the attack by managing “guests”, monitoring activity and identifying intrusions

What are the benefits of using a NAC solution?

NAC protects your organization against all scenarios where physical access to the network is necessary:

  • Malware introduced by an internal or external computer
  • An external ill-intentioned person (hacker, cracker, etc.)
  • An internal ill-intentioned collaborator trying to install malicious software
  • An unknown element already present on the network that represents a high risk for the computer and for the whole infrastructure

Productivity is about efficiency. In order to be productive, end users need to work with a secure and efficient infrastructure that protects data and privacy. Controls therefore have to be performed when the computer or device in use is at its most vulnerable: when accessing the network. This is the ultimate goal of a NAC solution.

If you would like to know more about NAC software provided by Nellsoft, please don’t hesitate to contact our team of experts.
