Network Access Control For Dummies®

Network Access Control For Dummies®

by Jay Kelley, Rich Campagna, Denzil Wessels
Released May 2009
Publisher(s): For Dummies
ISBN: 9780470398678

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

Network access control (NAC) is how you manage network security when your employees, partners, and guests need to access your network using laptops and mobile devices. Network Access Control For Dummies is where you learn how NAC works, how to implement a program, and how to take real-world challenges in stride.

You’ll learn how to deploy and maintain NAC in your environment, identify and apply NAC standards, and extend NAC for greater network security. Along the way you’ll become familiar with what NAC is (and what it isn’t) as well as the key business drivers for deploying NAC.

  • Learn the steps of assessing, evaluating, remediating, enforcing, and monitoring your program

  • Understand the essential functions of Authentication, Authorization, and Accounting

  • Decide on the best NAC approach for your organization and which NAC policies are appropriate

  • Discover how to set policies that are enforceable and reasonable enough to be followed, yet still effective

  • Become familiar with the architectures and standards essential to NAC

  • Involve and motivate everyone in the organization whose support is critical to a successful implementation

Network Access Control For Dummies shows you the steps for planning your implementation, who should be involved, where enforcement should occur, and much more. When you flip the switch, you’ll know what to expect.

Table of contents

  1. Copyright
  2. About the Authors
  3. Dedications
  4. Authors' Acknowledgments
  5. Publisher's Acknowledgments
  6. Introduction
  7. Unlocking the Mysteries of NAC
    1. Developing a Knack for NAC
      1. NAC's Evolving Description
      2. A Diagram Is Worth a Thousand Descriptions
      3. The Best NAC Approach
      4. Leveraging What You Have Today
    2. Knowing Why You Want NAC
      1. What Are the Reasons for NAC?
      2. That's Why They're Called Trojan Horses
      3. Where Have You Been?
      4. Wireless Networks and NAC
      5. NAC and Compliance
      6. Be Our Guest
      7. Off-Shoring and Outsourcing
      8. Insider Access and Threats
      9. Keeping Business Running
    3. The NAC Lifecycle
      1. Policy and the NAC Lifecycle
      2. Taking Inventory
      3. Putting the Pieces Together
      4. Not So Fast...
      5. Let Me In!
      6. We're Watching You
    4. NAC Components
      1. Creating Policy
      2. Dealing with Clients
      3. Enforcement Time
      4. Remediation
    5. SSL VPNs
      1. In the Beginning, There Were SSL VPNs
      2. So ... NAC to Get In
      3. SSL VPN Use Cases
  8. NAC in Your Network
    1. Writing a Corporate Security Policy
      1. What Policies Do You Need?
      2. You Want Me to Do What?
      3. A Living Document: The Security Policy Lifecycle
      4. Getting Started: Standards and Web Resources
      5. Writing Your Own Security Policy
    2. Herding the Cattle
      1. Analyzing the Terrain
      2. A Team Security Blanket
      3. Networking Social
      4. A Clean Desk(top)
      5. Compliant with Compliance
      6. Other Players
      7. 1 + 1 = 3?
      8. Help! (Desk)
      9. User-bility
      10. The Cattle Corral
    3. Identifying Who's On My Network
      1. Hey, It's Me
      2. Identity Authentication
      3. Authorizing the Workforce
    4. Verifying that a PC Is Safe
      1. All PCs Are Not Created Equal
      2. Which Device Gets the Trust?
      3. Help! My Machine Is Infected!
      4. Get Scanned in Mid-Stream
    5. Deciding Where to Enforce
      1. Operating Modes
      2. Endpoint/Software Enforcement
      3. Inline Appliances
      4. Network Infrastructure
      5. Other Enforcement
    6. Flipping the Switch
      1. Gearing Up for the Deployment
      2. Evaluation Before Enforcement
      3. What Are Your Best Practices?
      4. Professional Services and Consulting
  9. NAC in the Real World
    1. NAC Architectures
      1. Cisco Network Admission Control (Cisco NAC)
      2. Microsoft Network Access Protection (NAP)
      3. How Microsoft NAP Works
      4. Trusted Network Connect (TNC)
      5. Working with the TNC Architecture
      6. Internet Engineering Task Force (IETF) Network Endpoint Assessment (NEA)
      7. Working Together
    2. The Role of Standards
      1. Making the Case
      2. IETF Standards
      3. IEEE Standards
      4. Open NAC Standards
    3. Extending NAC
      1. Learning from Your Network
      2. Extending NAC Enforcement
      3. Extending NAC on the Endpoint
  10. The Part of Tens
    1. Ten Best Practices
      1. Have a Complete Plan for NAC
      2. Leverage Existing Authentication
      3. Endpoint Compliance
      4. Policy Enforcement
      5. Management
      6. Logging, Reporting, and Auditing
      7. Helpdesk Support
      8. Day-to-Day Operation
      9. Maintenance and Upgrades
      10. Future Expansion
    2. Ten Steps to Planning Your NAC Implementation
      1. Understand NAC
      2. Create (or Revise) Your Corporate Security Policy
      3. Build a Cross-Functional Team
      4. Seek Vendor Info and RFPs
      5. Test a Proof of Concept
      6. Implement a Pilot
      7. Rollout a Limited Production
      8. Deploy the Full Production and Evaluate Policies
      9. Deploy Full Production with Policy Enforcement
      10. Assess and Re-Evaluate at Regular Intervals
    3. Ten Online Information Sources
      1. Network World on NAC
      2. Trusted Computing Group
      3. IETF NEA
      4. Gartner NAC Marketscope
      5. Forrester NAC Wave
      6. Cisco NAC
      7. Juniper Networks UAC
      8. Microsoft NAP
      9. Symantec NAC
      10. Bradford Networks NAC
    4. Ten Definitions
      1. 802.1X
      2. AAA
      3. Endpoint Integrity
      4. Policy Decision Point
      5. Policy Enforcement Point
      6. Statement of Health
      7. Trusted Network Connect
      8. Juniper Networks Unified Access Control
      9. Microsoft Network Access Protection
      10. Cisco's Network Admission Control
  11. Index

Product information

  • Title: Network Access Control For Dummies®
  • Author(s): Jay Kelley, Rich Campagna, Denzil Wessels
  • Release date: May 2009
  • Publisher(s): For Dummies
  • ISBN: 9780470398678