April 2008
Intermediate to advanced
288 pages
7h 8m
English
book
Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control
by Daniel V. Hoffman
Content preview from Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.
4.2. Unintentional LAN-Based Threats
You have now seen briefly how unintentional threats can cause problems on a LAN. Although these users are utilizing their systems with the most honorable of intentions, they can still cause problems by the simple act of them connecting to the LAN.
NOTE
I spoke with a company that actually caused one of their customer's LANs to become infected. One of their laptops contained malware, and it spread throughout the customer's LAN. That is certainly not a good position to be in and was why that company was seeking a Mobile NAC solution!
Unintentional threats are not limited to outsiders. Employees can cause unintentional infections as well. The following are the two types of devices of which to be aware of in regard to unintentional threats:
Corporate-owned devices that are authorized to connect to the LAN
Guest (or unknown) devices that may or may not be authorized to connect to the LAN
When utilizing a LAN-based NAC/NAP solution to address unintentional threats, the enterprise has a few decisions to make on how it wants to address this threat from a topological standpoint. How this is done defines the types of threats to which the LAN is vulnerable. The topology considerations include the following:
Having all guest/unknown device access be limited to guest networks, which are separate from the corporate LAN
Assessing the devices and providing access based upon their security posture
4.2.1. The Pros and Cons of a Guest Network
Guest networks have ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Read now
Unlock full access
More than 5,000 organizations count on O’Reilly
O’Reilly covers everything we've got, with content to help us build a world-class technology community, upgrade the capabilities and competencies of our teams, and improve overall team performance as well as their engagement.Julian F.
I wanted to learn C and C++, but it didn't click for me until I picked up an O'Reilly book. When I went on the O’Reilly platform, I was astonished to find all the books there, plus live events and sandboxes so you could play around with the technology.Addison B.
I’ve been on the O’Reilly platform for more than eight years. I use a couple of learning platforms, but I'm on O'Reilly more than anybody else. When you're there, you start learning. I'm never disappointed.Amir M.
I'm always learning. So when I got on to O'Reilly, I was like a kid in a candy store. There are playlists. There are answers. There's on-demand training. It's worth its weight in gold, in terms of what it allows me to do.