Tuesday, May 22, 2007

The most important piece of NAC

Network World

Network Access Control




Network World's Network Access Control Newsletter, 05/22/07

The most important piece of NAC

By Tim Greene

NAC gear comes in many pieces, and one of the most important to check out is the management platform.

One of the cornerstones of all NAC schemes is determining the posture of the device that is trying to gain network access. This is the data that is compared to security policies to help decide whether a device gains access.

NAC vendors sell client software that reports the status of the endpoint to a policy server. In the case of Microsoft, that client software is part of Vista.

Discover the Business of Gaining Organizational Support for your Security Initiatives.

September 10-11, 2007 | The Fairmont Chicago
How do you get everyone from the boardroom to the mailroom to comply with your security initiatives? Come collaborate with peers on critical business topics like this at The Security Standard-the only business summit for senior security executives. For the latest in planning and management strategies. Click here for more details

Regardless, these clients need to tap into other client software platforms that keep track of endpoint status' that the NAC scheme cares about. These are, for example, antivirus clients and change-management clients that have data NAC clients need.

In checking out NAC products, customers should see how well their NAC client talks to these other platforms, says Joel Snyder, a member of Network World’s Lab Alliance and a partner in Opus One. Snyder is running a NAC seminar at Interop Las Vegas this week.

Desktop policies - which include antivirus updates and change management platforms and other software NAC needs to poll to make good decisions - are the province of the desktop team. That is a different group from the network or security team working on NAC.

The NAC team shouldn’t get involved in the desktop, Snyder notes, but the NAC team’s client software should be configurable to tap desktop software for status reports.

Snyder says this type of management is key and likely to be a weak link in NAC gear. Look for that when evaluating NAC options.


  What do you think?
Post a comment on this newsletter

TODAY'S MOST-READ STORIES:

1. IT jargon you just love to hate
3. A cynic rips open source
3. Cisco routers cause major outage in Japan
4. Alltel agrees to $27.5B buyout
5. Top 15 controversial Microsoft quotes
6. Foundry readies monster Ethernet switch
7. Microsoft won't sue over Linux - yet
8. DoD software protection comes to commercial sector
9. Why Argonne has pulled the plug on VoIP
10. Wireless vendors target enterprise nets with 802.11n products

MOST E-MAILED STORY:
Cisco routers cause major outage in Japan


Contact the author:

Tim Greene is a senior editor at Network World, covering network access control, virtual private networking gear, remote access, WAN acceleration and aspects of VoIP technology. You can reach him at tgreene@nww.com.



ARCHIVE

Archive of the Network Access Control Newsletter.


BONUS FEATURE

IT PRODUCT RESEARCH AT YOUR FINGERTIPS

Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details.


PRINT SUBSCRIPTIONS AVAILABLE
You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today.

International subscribers, click here.


SUBSCRIPTION SERVICES

To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here.

This message was sent to: networking.world@gmail.com. Please use this address when modifying your subscription.


Advertising information: Write to Associate Publisher Online Susan Cardoza

Network World, Inc., 118 Turnpike Road, Southborough, MA 01772

Copyright Network World, Inc., 2007

No comments: