NAC deployment advice

Security: Network Access Control This newsletter is sponsored by Quantum Data de-duplication whitepaper Meet regulatory data storage demands without breaking the bank. Discover what data de-duplication can do for you. Network World's Security: Network Access Control Newsletter, 09/18/07 NAC deployment advice By Tim Greene At the Security Standard conference in Chicago last week, Steve Hanna, a Juniper distinguished engineer and co-chair of NAC standards groups at the IETF and the Trusted Computing Group had advice for NAC deployments. His advice breaks down into steps that are applicable to other technology implementations, and can help make NAC projects run more smoothly. They are: Straight Talk from Security Experts Leading security experts share their advice, secrets and real-world experiences in Network World's latest Executive Guide, "The Security Treadmill." Learn how to get inside users' heads, fight for a bigger security budget and much more. Click here to download this Executive Guide. * Figure out what problem you are trying to solve. Dealing with guest users? Securing wireless? Protecting the network as a whole or just certain resources? Establish long and short-term goals for NAC. * Get stakeholders in the room, people who represent network security and endpoint security. You may want to include others such as facilities people who are responsible for conference rooms and common areas if you are dealing with guest users * Set technical requirements for the project and write a request for proposal. * Evaluate the proposals and verify what the vendors are telling you. Use this research to narrow the choices to just a few. * Do in-house testing in an environment that simulates your actual network conditions. * Do a gradual phase rollout. "Your rollout should not be a red-letter day," Hanna says. "It should not be, 'today everybody’s going to use access control.' You want to deploy gradually, so maybe you start out with IT. You know, eat your own dog food. Then you go to your most critical problems and address those." Consider scale. Everything that works in the lab doesn’t always work at scale at peak load. So verify either in the lab with your applications or with some other customers that have deployed this product that it’s going to work at scale. “The last thing you want to do is put something inline with your network and then on the busiest day of the quarter it fails and then you're up the creek,” Hanna says.   What do you think? Post a comment on this newsletter

TODAY'S MOST-READ STORIES: 1. One less reason to adopt IPv6? 2. Researchers flash personal aircraft, future jetpack 3. Does 802.11n spell the end of Ethernet? 4. What 'The Sopranos' taught me about tech 5. 10 IT management software companies to watch 6. SCO's Chapter 11 filing postpones Novell trial 7. Will users ever smarten up about phishing? 8. Meet the other Ciscos 9. TJX data criminal gets 5 years 10. Internet domain name outlaw faces 20 years MOST-READ REVIEW: VM management tools from Microsoft, VMware, XenSource leave room for improvement

Contact the author: Tim Greene is a senior editor at Network World, covering network access control, virtual private networking gear, remote access, WAN acceleration and aspects of VoIP technology. You can reach him at tgreene@nww.com. This newsletter is sponsored by Quantum Data de-duplication whitepaper Meet regulatory data storage demands without breaking the bank. Discover what data de-duplication can do for you. ARCHIVE Archive of the Security: Network Access Control Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: networking.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007