Portnox experts talk about the importance of the NAC solution

News | 09.01.2018

This article presents the reasons why a valuable offer of Network Access Control (NAC) solutions in recent years has changed due to the emergence of wireless networks in combination with technological advancement that led to the introduction of BYOD and IoT devices into the enterprise.



The growing demand for NAC solutions. 

Since in the early 2000s, for the first time, access control for the network (NAC) was put in place, much has changed in the field of enterprise security. If companies used only desktop computers and laptops connected and authenticated over a wired network, now wireless networks and mobile technologies have implemented personal devices (via BYOD) and Internet of Things (IoT) at the workplace. In addition, increasingly stringent compliance standards, such as the PCI-DSS, SOX and ISO standards, require companies to publicly report their security controls to external audit authorities. As a result, the demand for NAC solutions has grown rapidly in recent years: Research and Markets predicts that by 2022 the NAC market will cost $ 4.39 billion. However, the cost of NAC solutions goes far beyond the response to specific problems with devices, network and compliance.
NAC solutions can effectively respond to the "First 5 CIS controls" or to the high security requirements recommended by government and private security research organizations that can eliminate approximately 85% of organizational security vulnerabilities. When implemented with an existing security infrastructure such as SIEM, IPS, MDM, and others, NAC solutions can provide an effective intelligence that simplifies the response to changes in the network. These benefits and much more are outlined below, explaining why now, more than ever, corporate networks need to put NAC on the priority list when it comes to securing the organizational network.
Those who are familiar with the market for cybersecurity providers know that because of the spread of solutions, many organizations are overwhelmed by what is known as the "Fog of the Greater", or a constant stream of new information and problems that they need to address. As a result, the Internet Security Center (CIS) has developed a list of the best management elements to help organizations focus their cybersecurity needs and choose solutions that will take into account the greatest number of vulnerabilities.

While specific solutions are not mentioned, NAC refers to most of the 20 controls and provides full coverage of critical TOP-5, namely:

Control CIS 1: Inventory of Authorized and Unauthorized Devices
Control CIS 2: Inventory of Authorized and Unauthorized Software
Control CIS 3 monitoring: secure configurations for hardware and software
Control CIS 4: Continuous assessment and removal of vulnerabilities
Management of CIS 5: Controlled use of administrative privileges


Features and benefits of NAC solutions. 

  • Visibility in the network: NAC solutions are a "universal store" when it comes to getting the visibility of connected devices on the network and providing network management tools.
  • Access control: At the core of any NAC solution is the ability to control access to the organizational network.
  • Unified management. By providing the ability to see and control devices connecting to the network, NAC solutions offer a single management console that simplifies key tasks for network administrators and security administrators.
  • Internet of Things addresses: NAC eliminates security issues, allowing you to see the visibility of IoT in a system without an agent. He can see when IoT devices connect and transfer data over the network, and monitor the network areas to which they can access.
  • Integration with existing infrastructure: NAC solutions can use warnings from integrated systems to formulate better responses to threats or network state changes. They also integrate with user-defined repositories, such as Active Directory, to manage network access based on Group Policy, ensuring that users only have access that they need.
  • Achieving compliance: NAC solutions in particular can help organizations meet growing compliance standards in many industries, such as PCI-DSS, SOX, HIPAA, ISO 27002 and NIST.

10 years ago, the conversation around the NAC solutions was focused on managing wired networks, laptops and desktop devices in the enterprise, and today the valuable offer of NAC solutions has increased noticeably. Due to the proliferation of wireless networks and mobile devices - through BYOD and IoT - the workplace has, on the one hand, a more flexible environment, and on the other - increased vulnerabilities and cyber-risk. Since the NAC solutions deal with the "first 5 CIS controls", and also provide intelligence in network behavior through various integration and compliance methods, they are well suited to help solve these problems.
Thus, by controlling access to the network using the NAC solution, organizations monitor their impact on a wide range of emerging digital business risks, keeping their organizational network healthy and safe.


Softprom - the official distributor of Portnox

Send your inquiry