Chapter 4. Understanding the Need for LAN-Based NAC/NAP
– Ty Webb
A flute without a hole is not a flute. A donut without a hole is a Danish.
NAC and NAP are some of the hottest buzzwords out there today. While most companies have at least heard of them, those that are actually implementing the solutions are doing so for a reason. Unless they are different from the IT and security departments I talk to, they aren't implementing these solutions because they are just sitting around looking for things to do. Following are a few reasons why companies look at these solutions:
The need to adhere to compliance regulations
Failing a security audit
Being directly affected by a security breach or loss of data
Proactively realizing the need to increase security
Most of these reasons are fairly straightforward. Somebody within the organization, or hired by the organization, says that NAC-type solutions will help. As a result, the NAC project gets started.
These reasons can hold true as reasons to implement many different types of security projects, not just to NAC-type solutions. So, why do companies actually turn to NAC to solve their needs, and what exactly is NAC protecting against? You may be surprised that a number of companies that I've spoken to don't really know exactly what they are protecting against. That is one of the main purposes of this chapter.
NAC, NAP, and Mobile NAC can play a key role in an enterprise's security strategy. These solutions can also help companies mitigate risks ...
Get Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
