Network Access Control (NAC) is a tool which helps identify and control access to an organization’s network. NAC is one of the frontline defenders in security.
By defending what has access to the network, an organization is effectively limiting the chance that a security event will occur. NAC is both a powerful and flexible tool for a security team.
An organization can use NAC to improve their security as well as improve business efficiencies.
NAC GOALS
- Unify endpoint security compliance for each device, whether antivirus, patch management, encryption for laptops and mobile devices, or other security concerns
- Provide visibility of the network
- Guest & Rogue Device Control
- Monitor threats associated on the network
INTEGRATION POINTS
Many NAC vendors will integrate with security platforms you may be running in your environment. Depending on the NAC vendor, an integration with one of the following would improve the security team’s ability to view access to the network and check compliance across multiple verticals.
- SIEM
- Patch Management Software
- DLP
- Wireless
- Antivirus
- VPN
- Active Directory Services
Integrating your NAC with existing security products will provide you a more robust system and improve security compliance and control. CipherTechs urges its customers to leverage these integrations and make these partnerships part of its business and security goals.
CipherTechs FOCUS
CipherTechs uses the policies below to start any NAC engagement:
- Classification: What kind of device are you?
- Clarification: Are you a corporate asset?
- Compliance: Does the device meet the corporate compliance standards?
- Control: If you don’t meet the standard or are a guest – what are we going to do with you?
- Security: Provides useful security related information
- Informational: Provides useful IT related information