Showing posts from June, 2007

Oh NAC, We Hardly Knew Ye...

...before ye were corrupted by the Forces of Evil(tm). An acquaintance of mine just returned from Interop with a drawerfull of information which he showed to me. Having spent 18 months doing NAC deployments around the country and overseas, I was bummed at the direction many of the security^H^H^H^H^H^H^H^Hsoftware companies are taking this technology. Let me clarify NAC (Network Access Control) for you. NAC is: -Verifying the security posture of a system and the identification of a user to allow the user to use the system to gain access to the appropriate network, such as the enterprise, management or guest network. (Authorization may then allow the user to access resources on said network). NAC is not: -Anti-Virus (A/V) -Anti Spyware (A/S) -Endpoint (personal) firewall (E/F) -posture/profile control (blocking USB devices, for example) -A patching system Once upon a time, NAC was a tool independent of the desktop security posture components (A/V, A/S, E/F, etc...) used to verify the