NAC Director: NAC Appliance for Network Access Control

NAC Director’s identity management, endpoint compliance and usage policy enforcement capabilities help organizations to:

• Provide role-based access to network resources
• Protect data from unauthorized users
• Enforce anti-virus and anti-spyware version control
• Enforce network policies
• Manage users and devices
• Meet regulatory requirements and document complianc
• verify before granting access
• control entity management.
  
  NAC solutions deliver three key elements of effective Network Access Control in an integrated, appliance-based solution that are easily added to existing networks. These are:
• Identity Management
• EndPoint Compliance
  
• Usage Policy Enforcement
  

Identity Management

With employees and others accessing using a range of devices to access network resources from diverse locations, effective network security for organizations must start with a robust identity management process. NAC Director requires all users to register prior to allowing them access to the network, allowing network administrators to:

• Control network access for wired, VPN and wireless users
• Assist in tracking all users by location, name or address (MAC and/or IP)
• Provide role-based access and levels of service via dynamic VLAN assignment

All devices that connect to the network are placed in a Registration VLAN until the device is properly registered. Another layer of protection requires the user to authenticate before connecting to the network. Each user and device on the network is registered and tracked to enhance security and access control.

Role-based access functionality ensures that users are connected to specific VLANs depending on the type of service authorized. The result is tight control over the network and a consistent, real-time view of activity.

Endpoint Compliance

NAC Director helps enterprise network administrators to ensure that all devices accessing the network meet required security standards. The solution’s endpoint compliance capabilities perform registry-based scans on each network device prior to being placed on the live network.

Devices that are ‘at risk’ are placed in a secure Quarantine VLAN where they can remediate issues without helpdesk intervention. Throughout the network session, ongoing port-based vulnerability scans are performed by an embedded open-source Nessus application.

NAC Director for Network Access Control protects the network by monitoring the following:

• Operating system type and patch levels
• Anti-virus application type and definition version levels
• Anti-spyware application installation
• Presence of required applications such as firewalls and other programs

Usage Policy Enforcement

Faced with distributed networks, regulatory requirements and evolving technology developments, enterprise network administrators must meet the challenge of ensuring that all users who access the network are adhering to network policy.

NAC Director is a powerful tool that tracks activity and ensures that clients on the network do not abuse services. Using scheduled scanning, the solution applies role-based identity information to ensure policies are user-specific. This approach integrates all identity management and endpoint compliance data with usage policy to ensure optimum performance.

NAC Director interfaces with third party solutions to gather critical information to determine if network violations are occurring. The result is identification, notification, problem isolation and corrective action.

The solution allows network administrators to:

• Enforce acceptable network use policies
• Control chatting, gaming and file sharing
• Limit bandwidth usage
• Interface with IDS, traffic shapers, and other external devices