Network access control (NAC), also called network admission control, is a method of bolstering the security of a proprietary network by restricting the availability of network resources to endpoint devices that comply with a defined security policy.
A traditional network access server (NAS) is a server that performs authentication and authorization functions for potential users by verifying logon information. In addition to these functions, NAC restricts the data that each particular user can access, as well as implementing anti-threat applications such as firewalls, antivirus software and spyware-detection programs. NAC also regulates and restricts the things individual subscribers can do once they are connected. Several major networking and IT vendors have introduced NAC products.
NAC is ideal for corporations and agencies where the user environment can be rigidly controlled.
However, some administrators have expressed doubt about the practicality of NAC deployment in
networks with large numbers of diverse users and devices, the nature of which constantly change. An
example is a network for a large university with multiple departments, numerous
|Getting started with NAC|
|To explore how NAC is used in the enterprise, here are additional resources:|
|Network access control -- More than endpoint security: Learn how to gauge if your enterprise is ready for network access control (NAC).|
|NAC -- Strengthening your SSL VPN: This tip explores why and how network access control functions are used to strengthen SSL VPNs, and their relationship to industry NAC initiatives.|
|Compliance in a virtualized world: Server virtualization and NAC security: Server virtualization presents challenges for network security, particularly NAC and compliance issues. Learn what these challenges are and how to overcome them.|