Network Access Control (NAC) is a subset of complete LAN Security services and features. In addition, there are two phases or categories of NAC functionality: pre-connect and post-connect. NAC has traditionaly been associated with pre-connect access control only. However, this is only one component of an overall LAN security solution. Post-connect is the most important aspect of LAN security since it monitors and controls the flow of data to and from the endpoint throughout the user’s connection to the network.
In developing a NAC strategy, enterprises also need to consider the ease of deployment for managed and unmanaged users (guests, contractors, business partners, etc.). The ability to have a single approach for both types of users that can be quickly rolled out without the requirement of agent software on endpoints can translate to significant operational cost savings.
At Nevis Networks, we recognize that traditional NAC is a building block in deployment of a strategy to fully protect users, endpoints, and the network infrastructure from threats to data confidentiality, integrity and availability. Verification of endpoint client security software is an important first step, but additional capabilities are required to prevent unauthorized access attempts by users, to protect the endpoint from network-borne attacks, and to control and contain threats introduced by endpoints that expose network assets and disrupt availability. Nevis’ LANenforcer solution provides identity-driven LAN security by delivering comprehensive and continuous NAC functionality. Specifically, the solution offers:
- Automatic, clientless endpoint security audit (posture check) before allowing network access; quarantine and deny access if device fails
- Role-based user, network and application access control
- Identity based stateful firewall with Application Layer Gateway (ALG) functionality
- Wirespeed signature based IPS and Anomaly Detection to quarantine all forms of malware
All Nevis solutions provide easy integration to existing network infrastructures and services (switches, routers, AAA, directory services, VLANs etc.) without requiring configuration changes or upgrades. To learn more about NAC, its role in a secure LAN, and Nevis’ NAC solution, please see our white paper: “NAC –The First Line of LAN Security Defense”