What to consider when deploying NAC products

BROWSE BY TAG Network Security,   NAC and Endpoint Security Management,   Client security,   Enterprise Network Security,   VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Security How to set up a split-tunnel VPN in Windows Vista What is the difference between static and dynamic network validation? Port scan attack prevention best practices Securing the intranet with remote access VPN security How to prevent network sniffing and eavesdropping How to implement virtual firewalls in a complex network infrastructure How to manage network bandwidth with distributed ISP bandwidth How to edit group policy objects to give a user local admin rights How to prevent operating system cloning with AES 256-bit encryption How to securely connect a LAN POS to a remote point-of-sale device Client security InZero Systems launches hardware-based security gateway DLP technology challenges security costs Endpoint protection best practices manual: Combating issues, problems Kaspersky update for SMBs in wake of free Microsoft Security Essentials Microsoft makes free antivirus software widely available Security best practices in hotels Best Antimalware Products Perimeter defense in the era of the perimeterless network Microsoft Security Essentials (MSE) shows no vision, expert says Smart tactics for antivirus and antispyware

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary brute force cracking  (SearchSecurity.com) buffer overflow  (SearchSecurity.com) Crash Course: Spyware  (SearchSecurity.com) email spoofing  (SearchSecurity.com) phishing  (SearchSecurity.com) rootkit  (SearchMidmarketSecurity.com) social engineering  (SearchSecurity.com) Wired Equivalent Privacy  (SearchSecurity.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

It depends. I know of enterprises that currently run network access control (NAC) products with great success, and I've also seen cases where NAC projects were scrapped after encountering deployment issues.

The first key to a successful NAC implementation is to carefully research various tools and ensure that they are compatible with your existing infrastructure. If you're running in a fairly homogenous networking environment, it's a reasonable idea to give preference to the NAC product produced by your primary networking vendor. Not only will you have the best shot at interoperability, but you'll also have a single point of contact if you experience implementation issues. When production is down, there's nothing more frustrating than watching two vendors try to pass the buck back-and-forth.

The second key is to ensure the deployment of NAC is politically feasible in your organization. Before you try to roll out NAC, be sure to clear the policy and technology roadblocks by coordinating your deployment with key stakeholders. Here are some items you should consider:

• Does your networking infrastructure support NAC or are significant upgrades necessary prior to NAC implementation?
• Does your directory/authentication infrastructure support NAC? If you're going to place different requirements on different uses, this is key.
• Are the vast majority of systems on your network compliant with your proposed NAC policy? If not, you should consider remediating those systems in advance of the deployment to avoid significant disruption.
• How will you handle non-compliant systems? If they will be placed in a quarantine zone, will they have access to the resources (e.g. antivirus update servers, operating system patch servers) necessary to become compliant? If they will not be allowed any network access, how will they become compliant? Does your organization have the IT resources to handle a sudden rush of service orders?