April 2008
Intermediate to advanced
288 pages
7h 8m
English
book
Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control
by Daniel V. Hoffman
Content preview from Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
2.5. Remediating the Security Deficiency
This is one of my favorite parts of NAC solutions. As you're probably getting tired of hearing already, the goal is to get people productive and have them be secure, not just locking people out. Because of this, it is important for NAC solutions to be able to fix the problems.
You will find that many NAC/NAP vendors skirt around the issues when it comes to the remediation portion of the solution. That is because many NAC/NAP solutions simply do not offer a component that will fix the discrepancies. Some do offer integration with leading patching solutions and other third-party systems, though some simply won't do anything to the device.
In my opinion, giving the end user a link to a web site where the user can fix the deficiency is ridiculous, although some solutions will do this. This takes the responsibility and control out of the hands of IT and places it on the end user. While this may sound good to some IT departments, it's really irresponsible. The end users' job is to do their job, not to learn how to install patches.
2.5.1. Remediation Actions
Remediation actions can take place via the NAC solution itself, or they can come from separate third-party remediation services, such as Tivoli, System Management Server (SMS), and so on. Here are some common means to remediate security deficiencies within NAC solutions:
Push down operating system patches
Push down Microsoft Office patches
Push down Internet Explorer and other browser patches ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.