Features
Read up on the latest ideas and technologies from companies that sell hardware, software and services. Zones provide focussed content from Computerworld and leading technology partners.Newsletter Subscription
Network access control stands out as one of the most promising security technologies, but it also is one of the most misunderstood. Here are explanations that may clarify some of your questions.
What is NAC?
At a high level, as defined by Forrester Research, "NAC is a mix of hardware and software technology that dynamically controls client system access to networks based on their compliance with policy." But vendors, eager to get in on the NAC buzz, are often using the NAC label for products that are really only peripheral to the access control process. What are the major NAC initiatives?
There are three: Cisco's Network Admission Control architecture; the Trusted Computing Group's (TCG) Trusted Network Connect (TNC) program; and Microsoft's Network Access Protection (NAP) architecture.
Are Cisco and Microsoft playing nicely together?
Microsoft's NAP architecture is a major factor in the NAC universe because of the pervasiveness of the company's server and desktop software. However, at this point, key components aren't available, making interoperability impossible to test beyond limited beta versions of Microsoft's NAP platforms. On the upside, 75 vendors have pledged to make their gear interoperable with Microsoft NAP components when they become available. This includes Cisco, with which Microsoft is developing NAP and Cisco-NAC interoperability. Cisco, which is pushing the IETF for NAC standards but does not participate in TCG, has about 30 partners shipping Cisco NAC-compatible gear and another 27 developing such products.
Are there any NAC standards?
The TCG is writing NAC standards to promote multivendor interoperability. The IETF has created a working group to develop NAC standards and Cisco, which does not participate in the TCG, supports the IETF effort.
Are there any stand-alone NAC products on the market?
Cisco, Microsoft and TCG list scores of partners whose gear fits in their NAC schemes and can claim to be NAC vendors. Plus, Juniper has its unified access-control environment. A NAC buyer must find out what a vendor means by "NAC support," but single devices fitting the NAC bill include products from ConSentry Networks, Nevis Networks, StillSecure and Vernier Networks. Other NAC vendors, such as Lockdown Networks and Mirage Networks, work in conjunction with partners. This is not a comprehensive list.
What types of security functions are part of the NAC environment?
Authentication; endpoint scans; policy compliance checks; policy creation, enforcement and management.
Computerworld Member Login
Realise Your VMware Vision: Storage Consolidation and Virtualization for Small to Medium Businesses
10:30 - 11am (EST, Sydney, Australia)
Wednesday, 4th June 2008
Screening live at your PC
Join Computerworld and our expert speakers:
- Jean-Marc Annonier, Research Manager, IT Spending, IDC
- Howard Porter, SMB Channels Manager, VMware
- Clive Gold, Product Marketing Manager Australia/New Zealand, EMC Corporation
to learn about the various virtualization technologies available today and what factors are driving it in small to medium businesses. Discover use cases and technologies that allow successful virtualization and storage consolidation for a more flexible IT infrastructure.
- +
Data Management Edition #10: Multi-Petascale Systems 02/05/2008 09:12:33
This week we look at sustainability and the development of multicore technologies to build multi-petascale systems. - +
IT Security Edition #11: How to poison the Storm botnet 01/05/2008 08:51:55
This week CW Live presents a case study on how to poison the notorious Storm botnet . Plus we take a look at Cisco's plans for Ironport. - +
IT Security Edition #10: Cyber-battles fought and won 24/04/2008 11:09:47
Vendors bow to end user pressure to improve product security, and we take a look at the latest concepts shaping the cyber-battlefield of the future. - +
Data Management Edition #9: Data centre makeover 24/04/2008 07:43:06
This week CW Live looks at the death of the old style data centre which is undergoing its first makeover in more than 30 years. - +
IT Security Edition #9: Inside the bug trade. 16/04/2008 09:08:12
This week guidelines are released for the mandatory reporting of security breaches and we go inside the black market bug trade.
TechnologyOne wins new federal government, local council and commercial contracts for software and services 2008-05-12 16:05:00+10
North East Water to deploy Gentrack Velocity upgrade 2008-05-12 09:54:00+10
Kroll Ontrack Launches Hardware Erasure Solution 2008-05-09 08:42:00+10
Mitel Releases New Cordless Technologies for IP Phones 2008-05-08 18:11:00+10
Citect earns recertification under the prestigious Service Capability and Performance (SCP) Standards 2008-05-08 14:07:00+10
How to Protect Business from Malware at the Endpoint and the Perimeter
Financial motives are triggering a massive explosion of malware variants and spam designed to evade traditional signature-based detection mechanisms. Protect your organization against Malware with four essential tips and best practices from independent industry research analyst firms worldwide.
