How to Prep for NAC

 
 
By eweek  |  Posted 2012-05-28
 
 
 

How to Prep for NAC

One NAC component is the endpoint, which requests network access and needs its system health checked. This could be a NAP client running Windows Vista or another kind of TNC client.

How to Prep for NAC

How to Prep for NAC - Policy Decision Point

A second NAC component is the policy decision point, a system that evaluates the endpoint and decides what kind of access it should get to the network. This can be a NAP server such as a Microsoft Network Policy Server or another kind of TNC server.

How to Prep for NAC - Policy Decision Point

How to Prep for NAC - Policy Enforcement Point

Finally, a NAC system needs a policy enforcement point that can deny or limit network access based on policies fed to it from the policy decision point. This could be a switch, router, VPN gateway or other network element with enforcement capabilities.

How to Prep for NAC - Policy Enforcement Point

How to Prep for NAC - Step One

To prepare for a NAC, three steps are critical. First, identify what resources you want to protect.

How to Prep for NAC - Step One

How to Prep for NAC - Step Two

Inventory the endpoints connected to your network and, optionally, the authorized users.

How to Prep for NAC - Step Two

How to Prep for NAC - Step Three

Finally, decide on policies for what constitutes a healthy endpoint on your network and what network access you want to grant based on user identity and endpoint health.

How to Prep for NAC - Step Three

How to Prep for NAC - Incremental Approach

You may want to take an incremental approach to deployment, starting with certain especially risky or especially sensitive parts of your network.

How to Prep for NAC - Incremental Approach

How to Prep for NAC - See More Slideshows Like This One

See more slideshows like this one!

How to Prep for NAC - See More Slideshows Like This One

Rocket Fuel