November 30, 2017 By David Strom 2 min read

Network access control (NAC) has come a long way since 2006, when it was all the rage. Back then, there were competing standards from Microsoft, Cisco and the Trusted Computing Group vying for IT managers’ attention. There were dozens of different products, claims and counterclaims that were hard to parse, let alone believe. Products were buggy and difficult to implement without a tremendous amount of cross-vendor integration.

A Look Back

I wrote a cover story for a print magazine in 2008 showcasing four IT managers and their experiences with various NAC products. When I reread this piece, I was struck by how little has changed. Networks are still protected on the macro level by keeping systems updated with the latest patches and satisfying compliance regulations. But I was also interested in how much had changed on a micro level and how homogeneous networks were back then. A network-attached printer was about as odd as things got.

That was then. NAC — and the networks themselves — have come a long way in the past decade or so. The products have improved, and the endpoint and network security landscape has become more complex. We now have lots of devices on our networks that don’t look like PCs, or printers for that matter. That is where NAC can find a new niche.

Discovering a New Purpose for NAC

Over the past decade, access control vendors have been squeezed between mobile device management and intrusion detection products; trying to evolve in that space has been difficult. With all the issues around Internet of Things (IoT) botnet attacks and compromises over network-connected devices that don’t look like traditional endpoints, NAC has found a new purpose. As IT managers look to stem this malware tide, they have rediscovered this well-aged tool.

NAC had its original purpose in hardening network access and filtering which endpoints could connect to the enterprise network. This is still valid, especially in situations where endpoints come in many shapes and sizes, making it difficult to apply protective agents.

Back when I was testing these kinds of products in 2015, I wrote for Network World that “today’s NAC tools use a combination of probes including NMAP, WMI, Radius authentication, remote access to log files via SSH and SNMP queries and other clever ways.” I marveled at how much information these tools could suss out from a mixed bag of endpoints, which is why they are now being considered for protecting networks against IoT-fueled botnets gone wild. It might be time to take a closer look at what NAC protections can provide.

More from Network

Databases beware: Abusing Microsoft SQL Server with SQLRecon

20 min read - Over the course of my career, I’ve had the privileged opportunity to peek behind the veil of some of the largest organizations in the world. In my experience, most industry verticals rely on enterprise Windows networks. In fact, I can count on one hand the number of times I have seen a decentralized zero-trust network, enterprise Linux, macOS network, or Active Directory alternative (FreeIPA). As I navigate my way through these large and often complex enterprise networks, it is common…

Easy configuration fixes can protect your server from attack

4 min read - In March 2023, data on more than 56,000 people — including Social Security numbers and other personal information — was stolen in the D.C. Health Benefit Exchange Authority breach. The online health insurance marketplace hack exposed the personal details of Congress members, their families, staff and tens of thousands of other Washington-area residents. It appears the D.C. breach was due to “human error”, according to a recent report. Apparently, a computer server was misconfigured to allow access to data without proper…

X-Force identifies vulnerability in IoT platform

4 min read - The last decade has seen an explosion of IoT devices across a multitude of industries. With that rise has come the need for centralized systems to perform data collection and device management, commonly called IoT Platforms. One such platform, ThingsBoard, was the recent subject of research by IBM Security X-Force. While there has been a lot of discussion around the security of IoT devices themselves, there is far less conversation around the security of the platforms these devices connect with.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today