Top 3 Tips For Deploying NETWORK ACCESS CONTROL

A few things you'll need to know before you get started.

1. Explore requirements
Should you really be buying NAC? Jeff Falcon, senior security specialist with solution provider CDW, said customers often lack a clear understanding “as to why they may need, or not need, a NAC solution.” He recommends identifying high-risk and high-value data that needs protection as an initial step. Next, customers may look at network traffic in monitor mode to analyze threats, he added.
2. Pursue policy
Before implementation, organizations would be well advised to focus on creating a comprehensive policy to govern access to networks and applications. Customers “need to spend a lot of time … making sure their security policy asks the right questions,” noted Brendan O’Connell, manager of the product marketing group for Cisco Systems’ NAC Appliance. What software should or shouldn’t be present on an end point device? Which users will or won’t have access to a particular resource?
3. Consider enforcement point locations
NAC solutions typically provide considerable leeway as to where in the network access policies will be enforced. So, it’s up to the customer to determine the top protection priorities and locate enforcement points accordingly. An organization that seeks first to guard access to applications, for instance, may use a firewall as an enforcement point, noted Karthik Krishnan, manager of Juniper Networks’ access control products. But an organization more concerned with policing guest access may want to focus on areas such as conference rooms. In that case, a switch may be the preferred enforcement point, Krisnan said.