Free Newsletters :
IT Management
Networks
Read More in Networks »

NAC: A User’s Guide

December 21, 2006
By

Jeff Vance



Jeff Vance



What to look for in a NAC solution

Related Articles
he Many Myths of Endpoint Security

Boeing Grappling With Data Theft

Restoring Online Privacy

Security Flaw Could Ground Wi-Fi Users

FREE IT Management Newsletters

1. Stop and identify the business drivers first.

Related Articles
  • The Many Myths of Endpoint Security
  • Cisco VPN: Something Old, Something New
  • Choosing Vendors: The Linux vs. Microsoft Red Herring
  • Best of Executive Tech, Part 1

    • “When you peel back the layers, the first driver is usually about unmanaged or guest users, such as consultants, contractors, partners, and even customers,” said Forrester’s Whiteley. “If this is your only concern, you can get away with a turnkey box that provides a ‘hotel experience.’ However, if you try to send every single wired user through that box, it will be costly. You’d be better off with something that integrates with your existing networking architecture.”

    2. Make sure the solution identifies both users and devices.

    “It’s critical to know who and what you’re talking to. I’m not going to give a guest the same access as an employee, and I’m going to run more checks on a laptop that has left the office than a stationary PC,” said Cisco’s O’Connell.

    3. Does the solution enable comprehensive health checks?

    “NAC promises to deliver an enterprise-wide architecture for compliance, saying that, perhaps, you need a Windows patch or an anti-spyware program running. It’s an ongoing access control system that checks a user’s compliance with policy,” Whiteley said.

    4. Are there posture assessment and enforcement mechanisms?

    “I know who I’m talking to. Now what do I give them? Based on policy, a human resources person shouldn’t have access to an engineering domain,” said O’Connell.

    5. Decide what your organization will do about quarantine and remediation.

    “This is where the real value is, but it’s the hardest part to do. Once you violate a policy, can I fix you so you are compliant, or are you on your own?” Whiteley asked.

    6. Determine the appropriate architecture, be it software, hardware, or one based on current vendor relationships.

    “Architecture affects function. What the best one? It depends on your goal. If you want to monitor users, it implies that you can see traffic, meaning the device must be inline. You may have agents on endpoints, but you need something centralized in the network,” said McLean of ConSentry.

    7. Look ahead to centralized policy management.

    “The problem is that there is no central policy standard. The vendors aren’t playing well together, so there are many separate islands of policy, ranging from Cisco to Microsoft to those of patch or anti-virus vendors,” Whiteley said.

    123





    IT Offers






    Partners
    Partner With Us














    More IT Management
    CIO Update
    Datamation
    eSecurity Planet
    ITSMWatch
    Intranet Journal
    IT Career Planet
    Project Manager Planet
    Semantic Web
    Datamation Definitions






     

    internet.commediabistro.comJusttechjobs.comGraphics.com

    Search:

    WebMediaBrands Corporate Info

    Legal Notices, Licensing, Permissions, Privacy Policy.
    Advertise | Newsletters | Shopping | E-mail Offers | Freelance Jobs

    Solutions

    Whitepapers and eBooks

    Microsoft Articles: Visual Studio 2010
    Adobe Article: Adobe Helps PHP Developers Create Rich Internet Applications
    Microsoft Whitepaper: How Windows Server 2008 R2 Helps Optimize IT and Save You Money
    Adobe Article: Java Developers Finding a Home at Adobe Flex
    IBM Articles: A Smarter Business Needs Smarter Technology
    Intel Xeon Processor Increases Server Efficiency and Capabilities
    Intel Tech Brief: Automated Energy Efficiency for the Intelligent Enterprise
    Oracle Whitepapers - Innovation for IT Leaders
    Avaya Article: Communication-Enabled Mashups--Empowering Both Business Owners and IT
    		 Internet.com eBook: IT Manager's Guide to Social Networking
    Internet.com eBook: Get Ready for Windows 7
    Microsoft Article: Expression Web 3--New Features for PHP Developers
    Whitepapers: Manage Your Business Infrastracture with IBM
    Whitepaper: Maximize Your Storage Investment with HP
    Internet.com eBook: Becoming a Better Project Manager
    Microsoft Article: Stress Free and Efficient Designer/Developer Collaboration
    MORE WHITEPAPERS, EBOOKS, AND ARTICLES

    Webcasts

    Webcast: Connecting PHP to Microsoft Technologies
    Video: Microsoft Partner Program Benefits
    Video: Windows Azure Debugging Tips
    SAP BusinessObjects Webcast: Unlock the Power of Reporting with Crystal Reports
    		 IBM Webcast: Speed Business Innovation with Reduced Cost and Risk
    Video: Deploy Applications on Windows Azure
    MORE WEBCASTS, PODCASTS, AND VIDEOS

    Downloads and eKits

    Download: Microsoft Visual Studio 2010 Beta 2
    Downloads & Free Trials: Microsoft's New Efficiency Resource Center
    Get the Windows 7 SDK
    		 Free Trial: Red Gate SQL Backup Pro 6
    Iron Speed Designer Application Generator
    MORE DOWNLOADS, EKITS, AND FREE TRIALS

    Tutorials and Demos

    Internet.com Hot List: Get the Inside Scoop on the Hottest IT and Developer Products
    All About Botnets
    		 MORE TUTORIALS, DEMOS AND STEP-BY-STEP GUIDES