Network access control is a simple idea: Authenticate every user connecting to the network, then enforce an access-control policy based on who they are and other information, such as endpoint security checks and wired vs. wireless access method. After writing an architectural overview of NAC for Network World and an architectural overview of NAC, I´ve been exposed to the good and bad parts of NAC.
When you need them most, they leave you high and dry. A NAC strategy based on checking endpoint security works great for managed laptops and desktops, but (according to our testing) not so well for people coming into the organization – the folks you have the greatest security concerns about. If you´re doing NAC to check that strangers have virus scanners loaded, you´re doing it for the wrong reason.Read Full Story