When a device (computer, tablet, phone etc.) connects to a network, it is not given access to anything unless it complies with the policy laid out by the network owner. Once the policy is met, the computer is able to access network resources and the Internet, following the guidelines laid out in the Network Access Control (NAC) system. NAC is mainly used for endpoint health checks (making sure a device isn't infected with malware etc.), and is often tied to identity-based access, meaning the NAC gives you access based on your credentials (username/password). Once a user and device have both been granted access to a network they may be limited to what they can see. For example, in a school, someone with a faculty login would have more access to certain files than a student would.
For more information on Network Access Control Solutions check out our main website, Miltonsecurity.com
Adaptive Network Access Control
Adaptive NACs can be customized to fit the needs of each environment and work with the existing infrastructure. Additionally, they can do agentless scans meaning that a device does not need to have software pre-loaded before proceeding. This allows new and personal devices to be integrated into the network easily yet securely. You never have to worry if an agent’s software is up to date, leaving no risk of compromise or added network chatter.
Agentless scans and adaptive solutions require the indomitable flexibility which can only be fully realized with an in-line NAC placement. In-line adaptive NACs physically sit between users and resources allowing full control over a device’s access, packet by packet. The flexibility of adaptive, agentless, in-line NACs grant safe, yet efficient access to your LAN and corporate resources.
Types of NAC
There are several different ways to use a NAC. All of them boil down to two categories:
Inline: An Inline NAC appliance sits right inside of the network, in between the the users and the resources. It can see what users are doing in real time, and can stop threats before they hit the network.
Out-of-Band: Out-of-Band NACs sit outside of a network, or even completely offsite in a different building. It evaluates what users do after the fact, and makes a report. Out-of-Band is considered the less secure of the two options because it can't stop threats in real time.