Network access control, also called network admission control, is a method to bolster the security, visibility and access management of a proprietary network. It restricts the availability of network resources to endpoint devices and users that comply with a defined security policy.
The NAC can also provide endpoint security protection such as antivirus software, firewall, and vulnerability assessment with security enforcement policies and system authentication methods.
NAC is critical for modern businesses because it allows organizations to monitor the devices and users -- authorized and unauthorized -- trying to access the network.
Unauthorized users include cybercriminals, hackers and data thieves, and other bad actors that an organization must keep out. But businesses must also be gatekeepers for authorized users. This particularly applies to organizations that allow remote access to the enterprise network from non-corporate devices like mobile phones, laptops and tablets, or companies that allow employees working in the office to use personal devices. Both scenarios create security risks demanding organizations to address network security.
NAC is one aspect of network security. It provides visibility into the devices and users trying to access the enterprise network. And it controls who can access the network, including denying access to those users and devices that don’t comply with security policies. NAC solutions and tools help companies control network access, ensure compliance and strengthen their IT infrastructure.
There are two types of NAC, including the following:
Many NAC functions are performed by a network access server. A traditional network access server is a server that performs authentication and Authorization functions by verifying user logon information. Also known as a media access gateway or remote access server, a network access server handles remote logins, establishes point-to-point protocol connections and ensures that authorized users can access the resources they need.
A network access server can function in several ways, such as the following:
A network access server can also support the following:
NAC tools are proactive and designed to stop unauthorized access before it happens. They protect an organization’s network perimeter including the physical infrastructure, devices, software, applications and cloud-based assets.
There are many use cases for NAC:
NAC tools are also useful for security and authentication in specific industrial use cases, such as medical devices and healthcare systems.
NAC devices enforce security policies across all users and devices on a network through multiple capabilities, such as the following:
NAC offerings cover a broad range of capabilities and use cases. To find the right one, consider these factors:
NAC may not work for every organization. In some cases, it may not -- for example -- be compatible with existing security controls. However, it is ideal for businesses where the user environment can be controlled, as it provides strong protection for valuable or sensitive network assets.
26 Jul 2021