From BlackHat to BlackHat, any changes to bypass-able NAC solutions?

Last week I was asked by a reporter whether any of the NAC bypass issues I discussed in my BlackHat USA 2006 presention (August, 2006) have been remedied in the six months since then.

My answer was no. In other words, those that could be bypassed then can still be bypassed today.

The question was in light of the upcoming BlackHat DC 2007 (February, 2007) conference where I will be giving an updated presentation about bypassing NAC. In fact, I will present more ways to bypass NAC and with more examples of NAC solutions that are vulnerable.

One trend I have identified in the last six months is the growing number of IT professionals who understand what NAC is; what it should and should not provide. They are asking the right questions when examining NAC solutions (see: The Definition of NAC and Questions to ask in a NAC RFI/RFP)

A NAC solution that can be bypassed or does not identify elements operating on the network is not a solution someone should consider. It actually creates a false sense of security and cannot meet an organization’s compliance requirements.


Tags: ,

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: