What is Network Access Control? (NAC) Why do I need it?
Network Access Control or NAC for short is a security appliance that controls access to Wired and Wired Networks access. It is the workhorse that powers things like Role Based Authentication, Secure IoT, and Security for BYOD. NAC helps to eliminate problems such as shared WiFi passwords.
- NAC is the most recommended security tool for Wired and Wireless networks by Cybersecurity Professionals.
- NAC increases network visability, helps reduce cyber threats, and improves network performance.
- The visibility and reporting of NAC helps with identifying threats and helps with audits.
How does Network Access Control Work?
Essentially NAC identifies devices on a network. NAC then takes the attributes of the device and uses them to determine what level of network access and/or denies network access completely. Some of the attributes used to make these security decisions are:
- Type of Device
- Make, Model, and OS Version of Device
- Time of Day
- Does the device have up to date anti-virus?
- Does the device have latest OS patches?
- Is the device a Guest user?
- Does the Guest user require sponsored access?
As you can see decisions can get quite complicated. This is why you will need a Professional who is Certified in the Network Access Control appliance used.
An Example would be, say you are a manufacturer of electronic control systems. In your factory you have several use cases with different needs. You use sensors to monitor equipment, engineers and technicians who use specific software, accounting who needs access to the financials, HR who needs access to sensitive employee information, visiting consultants who need access to printer and scanners, and a Guest Network for hourly employees. As you can imagine the security policy can get complex quickly and its not practical to give everyone their own WiFi Network. With Network Access Control users can be quickly sorted by their assigned role and granted the appropriate level of network access.
- Accounting would have access to financial software, general internet, and email.
- Engineers would have access to Monitoring Software, Project Schedule Software, General Internet, and email.
- HR would have access to HR Software and personnel files, General Internet, and email
- Visiting Consultants would have access to Printers, Scanners, and General Internet
- Hourly Employees would have access to General Internet
- Sensors would have access to the Monitoring Software and would be blocked from the General Internet due to them being IoT devices with possible vulnerabilites.
The above is just an example of a single use case. All use cases are different and that’s why we ask lots of questions before we recommend a NAC solution for our customers. Because every solution is unique I would love to discuss your WiFi and Security needs with you. Feel free to click on Contact and complete the form or book some time with me.
Book Time: https://calendly.com/mogilityphillip
Check our our other Services: https://www.mogilitynetworks.com