Why people deploy NAC

Network Access Control This newsletter is sponsored by NetPro Computing, Inc. Active Directory real-time monitoring, auditing and reporting on all critical changes Auditing Active Directory plays a crucial role in operational, troubleshooting and security issues. However, the tools in Windows Server can be limited and difficult to use in creating a cohesive change management and audit process. In this whitepaper, you'll learn how to manage and protect your Windows infrastructure with fast and easy methods to audit changes, troubleshoot, restore and report within Active Directory. Also, find out what areas of Active Directory you should be auditing to support security policies and regulatory compliance. Network World's Network Access Control Newsletter, 08/09/07 Why people deploy NAC By Tim Greene Here are some statistics from Infonetics about why people are deploying NAC that may help others feel more comfortable - or uncomfortable - about their own NAC plans. A survey of 83 large businesses that said they planned to deploy NAC within the next year asked them to indicate what factors influenced their decisions. They indicated many. Two factors tied for first place, each claiming 83% of respondents. One was protecting corporate resources from unauthorized users. That’s not a big surprise because enforcing access rights is part of what NAC is supposed to do. Network World Security Buyers Guide Find the right security products for your enterprise - fast. From anti-spam to wireless LAN security, our Buyers Guides have detailed information on hundreds of products in more than 20 categories. With the side-by-side comparison tool you can evaluate product features to make the best decision for your enterprise. Click here to go to the Security Buyers Guide now. In second place was limiting the impact of security problems. So if something does break out on the network, they expect NAC to deal with it. This seems to indicate they want the post-admission aspect of NAC that monitors behavior of devices once they have been granted admission to see whether behavior deviates from what is allowed and expected. Post-admission NAC can trigger alarms about or isolate devices that violate behavior policies. Close behind those two factors with 81% of respondents was increasing overall security posture of the network, and that’s not a very revealing stat. Demonstrating compliance with access and security policies was named by 64% of the respondents. This is basically logging who has accessed the network, when, what they were authorized to access, and whether their machine met security-posture requirements. It answers the question, “Did NAC do what it was supposed to do?” Protecting wireless networks was a factor chosen by 58% of those surveyed. Concerns about unauthorized users with wireless laptops trying to tap into business WLANs can be addressed by NAC. NAC can also facilitate granting limited access to guests on WLANs. Two other factors tied at 54% of respondents. The first is securely segmenting the LAN, which NAC can accomplish via the access rights it grants to machines that pass initial endpoint checks. The second is meeting regulatory requirements.This is always a controversial factor because many people say that deploying NAC doesn’t address any set of regulations about network security. True, but it can undeniably be useful as part of a broader security strategy that does address regulations. Just log data linking a person with a machine, when they logged into the network and what they were authorized to access can be valuable to regulatory audits. Editor's Note: Starting Aug. 14, this newsletter will be renamed "Security: Network Access Control" to better reflect the focus of the newsletter. We thank you for reading Network World newsletters!   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. Storm Worm's virulence may change tactics 2. U.C. researchers: Take antispam fight to Web 3. Kittens could solve spam 4. How far could cyber war go? 5. 802.11n WLAN tests show 'unbelievable' results 6. Cisco founder unveils the Next Big Thing? 7. iPhone lawsuit filed by doctor convicted of fraud 8. Cisco beats Q4 earnings expectations 9. Fujitsu links biometrics with Novell’s eDirectory 10. Do Not Call Registry gets wake-up call MOST-READ REVIEW: NAC alternatives hit the mark

Contact the author: Tim Greene is a senior editor at Network World, covering network access control, virtual private networking gear, remote access, WAN acceleration and aspects of VoIP technology. You can reach him at tgreene@nww.com. This newsletter is sponsored by NetPro Computing, Inc. Active Directory real-time monitoring, auditing and reporting on all critical changes Auditing Active Directory plays a crucial role in operational, troubleshooting and security issues. However, the tools in Windows Server can be limited and difficult to use in creating a cohesive change management and audit process. In this whitepaper, you'll learn how to manage and protect your Windows infrastructure with fast and easy methods to audit changes, troubleshoot, restore and report within Active Directory. Also, find out what areas of Active Directory you should be auditing to support security policies and regulatory compliance. ARCHIVE Archive of the Network Access Control Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: networking.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007