Solutions: Information Security: Network Access Control
As the amount of information available within an organization grows and the reliance on that information becomes more important creating a set of enforceable policies becomes more critical. Network Access Control allows IT managers to set up and enforce those policies and restricts non-compliant end stations access to the network, thus removing their risk to other systems within the network. The policies can prevent both access to the network as well as access to specific parts of the network once the user is authenticated.
One of the primary values of a NAC implementation is that it continuously monitors the established policies. As threats are identified, end point systems can be quarantined and analyzed to allow for appropriate remediation. This continuous monitoring creates an ongoing posture of risk reduction to the IT infrastructure.
Our security engineers have participated on a full range of NAC implementations for small and large organizations and we understand that like all security projects a multiple phase engagement is often necessary. Typically, an appliance device is installed and user authentication services and policies are established. At this stage centralized management, auditing and reporting are created. The deployment can then be enhanced with end system health checks and compliance assessment. Finally, automated threat management, which includes isolation, quarantine and self serve remediation of non-conforming end systems, can be added.
We leverage our core network expertise in developing a strategic NAC solution for our clients. Understanding which parts of the infrastructure — routers and switches — that need to be utilized to ensure the network is operating securely is critical to any NAC solution implementation.