Network Access Control Learning Guide

Network Access Control Learning Guide

From PDAs to insecure wireless modems, users have myriad options for connecting to -- and infecting -- the network. This guide offers tips and expert advice on network access control. Learn how unauthorized users gain network access, how to block and secure untrusted endpoints, and get Windows-specific and universal access control policies and procedures. As a bonus, this guide is also available as a

Requires Free Membership to View

Login

SearchSecurity.com members gain immediate and unlimited access to breaking industry news, virus alerts, new hacker threats, highly focused security newsletters, and more -- all at no cost. Join me on SearchSecurity.com today!

Michael S. Mimoso, Editorial Director

By submitting your registration information to SearchSecurity.com you agree to receive email communications from TechTarget and TechTarget partners. We encourage you to read our Privacy Policy which contains important disclosures about how we collect and use your registration and other information. If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States. Your use of SearchSecurity.com is governed by our Terms of Use. You may contact us at webmaster@TechTarget.com.

PDF download.

TABLE OF CONTENTS
   Securing remote access points
   Endpoint security tactics
   Network architecture controls
   Firewalls
   VPNs
   Windows-specific network access control procedures
   Network access control policies
   More security learning resources
   Security IT Downloads

Securing remote access points

Return to Table of Contents

Book chapter: Remote access as an attack vector (SearchSecurity.com)
PDF: IPsec and SSL VPNs: Solving remote access problems (SearchSecurity.com)
Product review: 2006 Remote access Products of the Year (SearchSecurity.com)
Technical tip: A five-point strategy for secure remote access (SearchSecurity.com)
Technical tip: Remote user security checklist (SearchEnterpriseDesktop.com)
Technical tip: Five steps to controlling network access (SearchEnterpriseDesktop.com)
Technical tip: Secure data transmission methods (SearchSecurity.com)
Technical tip: How to stop a rogue user from circumventing network security (SearchMidmarkdetSecurity.com)
Technical tip: Guarding against malware infection from remote users (SearchSecurity.com)
Technical tip: Remote network access from privately-owned machines (SearchSecurity.com)
Technical tip: Ten tips for safe computing on a public LAN (SearchSecurity.com)

Endpoint security tactics

Return to Table of Contents

PDF: Five best strategies for endpoint security (SearchSecurity.com)
PDF: Layered access control: Six top defenses that work (SearchSecurity.com)
Product review: Hot Pick: Fireball KeyPoint (SearchSecurity.com)
Product review: End of the line (SearchSecurity.com)
Product review: Hark! Who goes there? (SearchSecurity.com)
Technical tip: Effective endpoint security without a significant investment (SearchSecurity.com)
Technical tip: Painful patching: How to lock down networked devices (SearchWindowsSecurity.com)
Technical tip: The key to locking out mobile threats (SearchSecurity.com)
Technical tip: Tips for securing iPods in the enterprise (SearchSecurity.com)

Network architecture controls

Return to Table of Contents

Glossary definition: DMZ (SearchSecurity.com)
Glossary definition: VLAN (SearchSecurity.com)
Book chapter: Secure LAN switching (SearchSecurity.com)
Expert advice: How to protect a LAN from unauthorized access (SearchSecurity.com)
Expert advice: Designing DMZs with various levels of access (SearchSecurity.com)
Technical tip: Using 802.1X to control physical access to LANs (SearchSecurity.com)
Technical tip: Life at the edge: Securing the network perimeter, Part 2 (SearchSecurity.com)
Technical tip: VLAN security (SearchSecurity.com)
Technical tip: Popular VLAN attacks and how to avoid them (SearchSecurity.com)

Firewall

Return to Table of Contents

Product review: 2006 Network Firewall Products of the Year (SearchSecurity.com)
Technical tip: How to choose a firewall
(SearchSecurity.com)
Technical tip: Choosing the right firewall topology (SearchSecurity.com)
Technical tip: Placing systems in a firewall topology (SearchSecurity.com)
Technical tip: Auditing firewall activity (SearchSecurity.com)
Technical tip: Activating an XP firewall on a LAN (SearchSecurity.com)
Technical tip: Traffic flow considerations for the Cisco PIX Firewall (SearchSecurity.com)
Technical tip: Firewall security tips (SearchSecurity.com)

VPNs

Return to Table of Contents

Glossary definition: SSL (Whatis.com)
Glossary definition: IPsec (whatis.com)
Book chapter: Crypto basics: VPNs (SearchSecurity.com)
Product review: SSL VPN: AEP SureWare A-Gate AG-600 (SearchSecurity.com)
Product review: Corrent VPN 'connects' with Check Point software (SearchSecurity.com)
Quiz: SSL vs. IPsec VPNs (SearchSecurity.com)
Technical tip: Letting telecommuters in – Your VPN alternatives (SearchSecurity.com)
Technical tip: The inherent capabilities of IPsec selectors and their use in remote-access VPNs (SearchSecurity.com)
Technical tip: VPN fast facts: True or false? (SearchSecurity.com)
Technical tip: Client-side security considerations for SSL VPNs (SearchSecurity.com)

Windows-specific network access control procedures

Return to Table of Contents

Book chapter: Access control entries (SearchWindowsServer.com)
Book chapter: Six steps for deploying Network Access Quarantine Control (SearchWindowsServer.com)
Checklist: Hardening Windows School: Advanced checklist on network access quarantining (SearchEnterpriseDesktop.com)
Checklist: Harden access control settings (SearchEnterpriseDesktop.com)
Expert advice: Security risks associated with granting permissions in Windows XP (SearchEnterpriseDesktop.com)
Expert advice: How to deny access when connecting to a share on a Windows 2003 Server(SearchEnterpriseDesktop.com)
Expert advice: How to detect when non-domain laptops are plugged in to Windows Server 2003(SearchEnterpriseDesktop.com)
Expert advice: How to set up dual administrative controls for tighter security in Windows 2000(SearchEnterpriseDesktop.com)
Expert advice: How to remove specific permissions from an account operator in Windows 2000 (SearchEnterpriseDesktop.com)
Expert advice: How to check which permissions are assigned to a user or group in Windows 2000 (SearchEnterpriseDesktop.com)
Expert advice: How to set NTFS permissions on Windows 2000 Terminal Services (SearchEnterpriseDesktop.com)
Expert advice: Limiting user and admin access (SearchEnterpriseDesktop.com)
Opinion: Network admins needs Microsoft-Cisco unity (SearchWinIT.com)
Step-by-Step guide: Network Access Quarantine Control (SearchWindowsServer.com)
Technical tip: Lock down user access and privileges (SearchWindowsServer.com)
Technical tip: Permissions basics for Windows 2000 (SearchWindowsSecurity.com)
Technical tip: NTFS default permissions for Windows 2000 (SearchEnterpriseDesktop.com)
Technical tip: How to implement permissions in Windows 2000/NT (SearchWindowsSecurity.com)

Network access control policies

Return to Table of Contents

Expert advice: Distinguishing a remote access policy from a portable computing protection policy (SearchSecurity.com)
Technical tip: Policies for reducing mobile risk (SearchFinancialSecurity.com)
Technical tip: Laptop security policy: Key to avoiding infection (SearchSecurity.com)
Technical tip: Work with users to secure new technologies in the enterprise (SearchSecurity.com)
Technical tip: The benefits of writing a policy before a new system deployment (SearchSecurity.com)
Technical tip: Managing network policy (SearchSecurity.com)
Technical tip: Top 10 network security tips (SearchSecurity.com)

More security learning resources

	SECURITY SCHOOL		LEARNING GUIDES		CHECKLISTS		GLOSSARY		ASK THE EXPERTS

Dig Deeper

People who read this also read...
Related tags

Related glossary terms

Terms for Whatis.com - the technology online dictionary
- network encryption (network layer or network level encryption)
- Internet Key Exchange (IKE)

Show me more

This was first published in June 2006

More from Related TechTarget Sites

Security Channel
Cloud Security
SMB Security
Financial Security
Security UK
Security AU
Security IN

Security Channel
- Survey results: VARs report customers’ IT spending 2012 expectations
  
  VARs expect customers to increase spending on security more than any other IT area in 2012. See which security segments will grow the most.
- Create a computer security blog to attract and retain customers
  
  Blogging can produce new leads for security solution providers. Focus on content in your computer security blog that connects with customers.
- Penetration testing tutorial: Guidance for effective pen tests
  
  This penetration testing tutorial contains essential tips to help solution providers uncover vulnerabilities in clients’ networks.
Cloud Security
- Are cloud providers HIPAA business associates?
  
  Deciding whether your cloud provider is a business associate comes down to a judgment call based on the type of cloud usage.
- SaaS security: Weighing SaaS encryption options
  
  A look at SaaS encryption techniques and challenges.
- Panel debates cloud computing governance issues
  
  Problems with data governance in the cloud aren’t much different than traditional outsourcing.
searchMidmarketSecurity
- Windows Phone 7 security: Assessing WP7 security features
  
  Windows Phone 7 security features are proving to be a mixed bag. Sam Cattle assesses the enterprise security pros and cons of the latest Windows mobile platform.
- Choosing the best security certifications for your career
  
  Whether starting your career or planning your next step as an IT security professional, this tip will guide you toward the best certifications for your interests and experience.
- Midmarket security tutorials
  
  SearchMidmarketSecurity.com’s tutorials offer IT professionals in-depth lessons and technical advice on the hottest topics in the midmarket IT security industry. Through our tutorials we seek to provide site members with the foundational knowledge needed to deal with the increasingly challenging job of keeping their organizations secure.
searchFinancialSecurity
- Web application threats: What you really need to know
  
  In this special presentation, Mike Rothman details today's top Web application threats and pragmatic methods to integrate security into the Web application development process.
- Ramnit worm variant now dangerous banking malware
  
  The Ramnit worm now supports man-in-the-middle attacks, giving cybercriminals the ability to drain a victim’s bank account.
- SIEM vendors make the case for extending SIEM product capabilities
  
  Advanced features can reduce the threat of wire fraud. New rule sets can be shared among banks and credit unions.
Security UK
- Study finds attacks slip past spotty patch management policies
  
  A study finds attackers targeting firms with poor patch management policies, exploiting vulnerabilities that should have been patched years ago.
- Survey: Types of DDoS attacks on the rise due to hacktivist groups
  
  New DDoS statistics suggest hactivist groups are to blame for an increase in the number and types of DDoS attacks across the Internet.
- Web application vulnerability statistics show security losing ground
  
  New Web application vulnerability statistics show the number of vulnerabilities is rising, despite the use of Web application development frameworks.
searchSecurityAU
- AISA launches new website
  
  With a reinvigorated look and feel, improved back-end infrastructure, and regularly updated information about the association the Australian Information Security Association website has been re-launched for the benefit of its members and the Australian IT Security industry.
- Cisco hardening guides for IOS, IOS-XR and NX-OS devices
  
  Patching routing and switching infrastructure in any organisation is often delayed, sometimes due to the potential impact on production systems and sometimes because the IT resources are simply too busy fighting fires.
- Cloud providers and data sovereignty issues
  
  Australian cloud provider Ninefold warn that understanding who has legal access to company and personal private data is not as simple as checking a box and selecting the 'in-country' option.
Information Security
- Airtel’s DLP technology rollout makes data egress a thing of the past
  
  Airtel’s DLP technology implementation, India’s largest, went live in December 2010. Join us in exploring its inner workings, even as it is poised for bigger things.
- February 2012 Patch Tuesday to address 21 vulnerabilities
  
  Microsoft plans to fix coding errors in Internet Explorer, .NET Silverlight and Microsoft Office.
- IDFC’s information security awareness week tastes success with ‘Mr Gobo’
  
  Financial major IDFC set out to craft its information security awareness initiative with a portal that led users via a ‘Mafia don’s den’. Step in for more.

All Rights Reserved, Copyright 2000 - 2012, TechTarget