 |
||||
|
|
|||
|
||||
Requires Membership to View
To gain access to this and all member only content, please provide the following information:
By submitting your registration information to SearchSecurityChannel.com you agree to receive email communications from the TechTarget network of sites, and/or third party content providers that have relationships with TechTarget, based on your topic interests and activity, including updates on new content, event notifications, new site launches and market research surveys. Please verify all information and selections above. You may unsubscribe at any time from one or more of the services you have selected by editing your profile, unsubscribing via email or by contacting us here
- Your use of SearchSecurityChannel.com is governed by our Terms of Use
- We designed our Privacy Policy to provide you with important disclosures about how we collect and use your registration and other information. We encourage you to read the Privacy Policy, and to use it to help make informed decisions.
- If you reside outside of the United States, by submitting this registration information you consent to having your personal data transferred to and processed in the United States.
Network access control technologies have been touted as a one stop answer for network security. However, NAC, while vast in potential, has its limitations. Here we look at how network access control offers many answers to regulatory compliance requirements, but asks more questions of its own.
Network access control: Compliance enabler or detractor?
One of the hottest spaces in the security space is network access control (NAC), and predictably all of the vendors are positioning the compliance "virtues" of the technology. But is there any truth to their claims? Should customers be looking at NAC to solve their compliance woes?
NAC is about ensuring only the right people get access to the right resources. It works by performing "pre-admission" scans to ensure devices are both authorized and not contaminated with malware when joining the network. Once on the network, NAC solutions then switch into "post-admission" control mode where they are making sure that each endpoint is accessing authorized resources and don't start behaving erratically. Of course, we're still early in the adoption of NAC and the vision is not yet the reality – but that's the idea.
Learn more about network access control's effectiveness as a compliance manager.
About the author
Mike Rothman is President and Principal Analyst of Security Incite, an independent information
security research firm. Having spent over 15 years as an end-user advocate for global enterprises
and mid-sized businesses, Mike's role is to educate and stimulate thought-provoking discussion on
how information security contributes to core business imperatives. Prior to founding Security
Incite, Mike was the first network security analyst at META Group and held executive level
positions with CipherTrust, TruSecure and was a founder of SHYM Technology. Mike is a frequent
contributor for TechTarget and a highly regarded speaker on information security topics. Keep track
of Mike's musings via The Daily Incite
newsletter.
This was first published in April 2007