November 30, 2017 By David Strom 2 min read

Network access control (NAC) has come a long way since 2006, when it was all the rage. Back then, there were competing standards from Microsoft, Cisco and the Trusted Computing Group vying for IT managers’ attention. There were dozens of different products, claims and counterclaims that were hard to parse, let alone believe. Products were buggy and difficult to implement without a tremendous amount of cross-vendor integration.

A Look Back

I wrote a cover story for a print magazine in 2008 showcasing four IT managers and their experiences with various NAC products. When I reread this piece, I was struck by how little has changed. Networks are still protected on the macro level by keeping systems updated with the latest patches and satisfying compliance regulations. But I was also interested in how much had changed on a micro level and how homogeneous networks were back then. A network-attached printer was about as odd as things got.

That was then. NAC — and the networks themselves — have come a long way in the past decade or so. The products have improved, and the endpoint and network security landscape has become more complex. We now have lots of devices on our networks that don’t look like PCs, or printers for that matter. That is where NAC can find a new niche.

Discovering a New Purpose for NAC

Over the past decade, access control vendors have been squeezed between mobile device management and intrusion detection products; trying to evolve in that space has been difficult. With all the issues around Internet of Things (IoT) botnet attacks and compromises of network-connected devices that don’t look like traditional endpoints, NAC has found a new purpose. As IT managers look to stem this malware tide, they have rediscovered this well-aged tool.

NAC’s original purpose was to harden network access and filter which endpoints could connect to the enterprise network. This is still valid, especially in situations where endpoints come in many shapes and sizes, making it difficult to apply protective agents.

Back when I was testing these kinds of products in 2015, I wrote for Network World that “today’s NAC tools use a combination of probes including NMAP, WMI, Radius authentication, remote access to log files via SSH and SNMP queries and other clever ways.” I marveled at how much information these tools could suss out from a mixed bag of endpoints, which is why they are now being considered for protecting networks against IoT-fueled botnets gone wild. It might be time to take a closer look at what NAC protections can provide.
