Give your network access control a second look!
Simply blocking access is much easier than tracking intruders and their actions. That’s why Network Access Control (NAC) is such a compelling concept for IT managers. With this technology, both risk and effort can be minimized. And with today’s digital challenges, minimizing risk is more important than ever.
Take a small, annoying piece of malware that tries hard to get into your system. It could come from anywhere – from an employee who brings his own device, or from contractors or freelancers who need access to your network. Changes in and around your business are bringing the need for flexible access to the forefront, but this flexible access inevitably entails additional risks. IT managers often ignore network access control when looking for a security solution to minimize such risks. Why? Probably because NAC is nothing new. And how is old technology supposed to protect against new threats? Find out here!
But how does network access control work?
Here we come back to our little piece of malware. At this point we can directly report something positive, the little bit of malware cannot infiltrate itself, but needs a host. Perhaps the question arises here, what is positive about it?
The following: When connecting through a network device (in this case the host), the malware first encounters a network access control solution. The malware is in the sense of a virtual inch. This uses pre-defined rules to check whether the user and his device comply with the company’s security policies. This allows us to see who the user is, whether they are using a laptop, PC or tablet, and whether they are connecting to the corporate network via cable, WLAN or VPN. Finally, enabled users and devices are allowed to enter, but only certain areas of the network that are shared with them. In a nutshell, this approval process is as follows:
- Identifying the user: Who is it? (Is it a known user?) What is he trying to access? Where is he? When and how was the access request made (cable, WLAN, VPN)?
- Assignment of access options: It is clearly defined for each type of user which areas of the network he can access and which areas he cannot.
- Policy enforcement: The user is allowed or denied access to the predefined network areas.
And do you know what the best part is? All this happens before any connection is established between the device and the network. And even better, today’s NAC solutions are often automated.
Do you want to prevent rather than lose? Download our free white paper here.