A knack for network access control
IT execs are asked what it means and how it's working.
Network World, August 1, 2007 12:00 PM ET
Network access control is a huge topic of discussion in IT and a focus of activity among vendors. Over time, the acronym NAC has become almost generic through overuse, and its definition varies. When I asked IT executives how they define it, the core of the consensus was that NAC revolves around three things:
- Admission control, which is the ability to selectively let hosts attach to the network and stay attached. That's key to NAC, according to all who answered this question.
- Health checks, or the ability to see that connecting systems are up to date on patches, antivirus tools and the like. They constitute part of the definition of NAC, according to a majority of respondents.
- Access control, which is the ability to say which hosts can see or do what while attached. A minority of those surveyed cite this as ideal in a NAC system. A chief information security officer at a financial services company explains this feature as "the ability to validate end systems prior to gaining access and then controlling where they are allowed to go once they are on, much like user management should be."
Few of the respondents actively practice NAC now. Being able to connect to the VPN is the extent of NAC for most external hosts, for example, and there is no access control on LAN ports. Only about 14% of respondents said they apply endpoint checks for application and operating system patching; the presence of firewalls or antivirus or antispyware tools; USB-attached devices; and password strength. However, nearly 60% said they wish they could be applying checks at least for firewalls and antivirus and antispyware tools, and about 40% said they desire password and operating system checks. Less than one-third said they want application checks.
Cost and complexity account for most of the gap between the level of checking desired and the level of checking actually implemented; NAC can require added network infrastructure and sometimes upgrades to existing network equipment. Upgrades would be necessary to support the 802.1X standard for authenticating network access at the switch-port level, for example. Although few are spending anything on NAC yet, everyone feels future spending on NAC is likely (and most say certain) to go up.
Applying admission, health and access controls on endpoints sounds enticing. But until it can be done without network overhauls and with more broadly interoperable protocols, adoption is likely to be slow and spotty.
Reprinted with permission from
Story copyright 2009 Network World, Inc. All rights reserved.