Network Access Control (NAC)

(OBJ .)

Network Access Control (NAC)

• Used to protect networks from both known and unknown devices by scanning devices to assess their security status before granting network access
• Can be applied to devices within the internal network or those connecting remotely via VPN
• NAC can be implemented as a hardware or software solution

NAC Process

• When a device attempts to connect, it is placed in a virtual holding area for scanning
• Scanning checks various factors, including antivirus definitions, security patching, and potential security threats
• If a device passes inspection, it is allowed network access
• If a device fails inspection, it is placed in a digital quarantine area for remediation

NAC Agent Types

• Persistent Agents
  • Installed on devices in a corporate environment where the organization owns and controls device software
• Non-Persistent Agents
  • Common in environments with personal devices (e.g., college campuses); users connect, access a web-based captive portal, download an agent for scanning, and delete itself after inspection

802.1x Standard

• Port-based Network Access Control mechanism based on the IEEE 802.1x standard
• Modern NAC solutions build on 802.1x, enhancing features and capabilities

Rule-Based Access Control

• In addition to health policy, NAC can use rule-based methods for access control
  • Time-Based Factors
    • Define access periods based on time schedules; may block access during non-working hours
  • Location-Based Factors
    • Evaluate the endpoint's location using geolocation data to detect unusual login locations
  • Role-Based Factors
    • Reevaluate device authorization based on its role (adaptive NAC)
  • Rule-Based Factors
    • Implement complex admission policies with logical statements to determine access based on conditions