Pre-connect NAC – The first building block of a controlled guarded enterprise LAN

For those of you who are confused by the different terms, pre-connect NAC is the phase in which the identity of the device and the identity of its user are verified.

With pre-connect NAC, any device trying to access the enterprise LAN must be authorized, and the identity of the user using this device must be authenticated.

Pre-connect NAC makes it possible to deny access to rogue (non-authorized) devices and to unauthorized users.

Proving the identities of those using our infrastructure is a major part of the overall security and control that NAC brings. (As a reminder, pre-connect NAC is usually followed by posture validation tests and post-connect capabilities.)

Pre-connect must also deal with devices such as printers, VoIP phones, etc., for which the identity of a user cannot be verified. Instead, the parameters of the device itself are what should be verified (type of device, purpose, capabilities, etc.). These devices need to be constantly monitored so that they cannot be abused for an attack.
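The admission logic described above, sketched as an added example (not code from the original post or from any NAC product). The device identifiers, inventory layout, capability names and verdict strings are all assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed inventory of authorized devices; every identifier is hypothetical.
AUTHORIZED_DEVICES = {
    "dev-ws-001": {"kind": "workstation"},
    "dev-prn-001": {"kind": "printer", "capabilities": {"ipp", "snmp"}},
    "dev-voip-001": {"kind": "voip-phone", "capabilities": {"sip", "rtp"}},
}
# Device kinds that have no user whose identity could be verified.
HEADLESS_KINDS = {"printer", "voip-phone"}


@dataclass
class ConnectRequest:
    device_id: str
    user_authenticated: bool = False        # outcome of the user authentication step
    observed_kind: Optional[str] = None     # what the device appears to be on the wire
    observed_capabilities: frozenset = frozenset()


def pre_connect_decision(req):
    """Return (verdict, reason); verdict is 'allow', 'allow-monitored' or 'deny'."""
    record = AUTHORIZED_DEVICES.get(req.device_id)
    if record is None:
        return ("deny", "rogue device: not in authorized inventory")

    if record["kind"] in HEADLESS_KINDS:
        # No user to authenticate: verify the device's own parameters instead.
        if req.observed_kind != record["kind"]:
            return ("deny", "device type does not match registered profile")
        extra = set(req.observed_capabilities) - record["capabilities"]
        if extra:
            return ("deny", "unexpected capabilities: " + ", ".join(sorted(extra)))
        # Admitted, but flagged so that it stays under constant monitoring.
        return ("allow-monitored", "headless device matches profile")

    if not req.user_authenticated:
        return ("deny", "user not authenticated")
    return ("allow", "authorized device and authenticated user")
```

A registered printer that suddenly shows a capability outside its profile is denied even though its identifier is in the inventory, which is the abuse case the monitoring requirement is meant to catch.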

As demonstrated, pre-connect NAC has an important role within NAC, and its value cannot be dismissed.
