Network Access Control (NAC) solutions deliver a comprehensive approach to identifying, controlling, and securing access to critical network communications and business services. Well architected NAC solutions proactively manage whether a trusted user, a guest, or a device can connect to a network and what they are authorized to do once connected; this is all based on policy criteria such as device and user identity, business role, time of day, location, and health of the end system. Comprehensive NAC solutions use both agent-based and agent-less assessment technologies, along with proactive and reactive policy enforcement to provide a solid pre-connect and post-connect end system security offering.
A well architected NAC solution will leverage a number of important functions including end system detection, authentication, assessment, authorization, and remediation. This more easily enables IT organizations to quickly deploy NAC, and more importantly, to enable phased deployment to best align with business needs.
Throughout this paper, a graphical representation of several key business variables will be offered as guidance related to specific NAC technologies.