Network Access Control Technology: Will it Succeed?
I recently attended the Interop Conference in Las Vegas. As I strolled around the exhibition area, I could not help notice all the booths at which Network Access Control (NAC) products were being promoted. NAC technology is used to prevent potentially dangerous systems from being able to connect to networks. NAC tools examine various aspects concerning each system that tries to connect to a network, and then on the basis of the results, either allow or deny network access to that system. So, for example, if the user of a Windows XP system tries to connect to a network, but that system is infected by a worm, NAC technology is supposed detect the infection, sever the existing network connection, and apply a defensive measure such as denying any IP address to that system until it is healthy again. Some NAC implementations perform tests such as determining whether a system connecting to the network has unpatched vulnerabilities, or whether it has the ability to connect using IPv6, or whether certain security-related settings are enabled, and more. Read more…