Network Access Control (NAC) is an approach to computer security attempting to unify endpoint security technology, user or system authentication and network security enforcement.
It uses a set of protocols to define and implement a policy that describes how to secure access to network nodes by devices when they initially attempt to access the network. NAC might integrate the automatic remediation process into the network systems, allowing the network infrastructure (such as routers, switches and firewalls) to work together with back office servers and end user computing equipment to ensure the information system is operating securely before interoperability is allowed.
What level of control?
Only checking the end user is not enough. It is thus necessary to check the device itself knowing that it is the most vulnerable when requesting access to the network. As a matter of fact, NAC represents a new step in the definition of network access criteria.
Cyberattacks strategies have evolved. Computers and other kind of devices are fully capable of initiating malicious processes autonomously. When NAC is running an admission control, it controls the user, it authenticates the computer and it also adds profile control to the computer.
The different components of NAC protocol
NAC is a device including three main sub players:
What happens when a machine is trying to access the network?
What reaction in case of attack?
Following the classic process, integrity control has to be completed while the computer is being connected to the network. If the machine is infected or if it doesn’t provide you with the level of security you want to achieve, NAC is allowed to:
What are the benefits of using a NAC solution?
A NAC protects your organization against all scenarios where a physical access to the network is necessary:
Productivity is about efficiency. In order to be productive, end users need to work with secure and efficient infrastructure protecting data and privacy. Indeed controls have to be performed when the computer or the device used is the most vulnerable; when accessing networks. This is the ultimate goal of a NAC solution.
If you would like to know more about NAC software provided by Nellsoft, please don’t hesitate to contact our team of experts.
« What existing solutions to be protected from BIND critical security vulnerability?