Network World

NAC (network access control)

NAC is user-focused network-based access control.

The term "user-focused" implies that users are authenticated and authorized. The policy expressed in the access control part of NAC (the user's authorization) is based on who the user is, as determined by some authentication mechanism such as captive portals, MAC-based authentication, port-based authentication, or third-party authentication.

A second part of the term "user-focused" is the ability to include the user's platform in the access equation. The general idea, typically referred to as "endpoint security assessment", is a check of the user's access device. The most common approach is to run software on the user's device that reports the device's security status back to a central NAC policy server.

Finally, "access control" means granting or restricting admission to the network according to set policy. There are four common NAC admission scenarios: go/no-go access, VLAN-based access controls, simple packet filters, and stateful firewalling.
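
The sketch below is an added example, not code from Network World or any NAC product. It shows how one policy decision (identity plus endpoint assessment) can be expressed in each of the four admission scenarios. The group names, required checks, VLAN ids, addresses, rule format and the MAC-authentication policy are all assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional

# Every name, group, VLAN id and address here is constructed for illustration.
@dataclass
class Session:
    user: Optional[str]   # None means authentication failed
    auth_method: str      # "portal", "mac", "802.1X" or "third-party"
    group: str = ""       # directory group returned by the authenticator
    posture: dict = field(default_factory=dict)  # report from the endpoint agent

REQUIRED_CHECKS = ("av_running", "patched", "host_firewall_on")

# Rules as (action, protocol, destination, port); not any vendor's syntax.
ACLS = {
    "deny": [("deny", "any", "any", None)],
    "quarantine": [("permit", "tcp", "10.0.9.10", 443),   # remediation server only
                   ("deny", "any", "any", None)],
    "guest": [("deny", "any", "10.0.0.0/8", None),        # no internal networks
              ("permit", "any", "any", None)],
    "staff": [("permit", "any", "any", None)],
}
VLANS = {"deny": None, "quarantine": 900, "guest": 200, "staff": 100}

def access_level(s: Session) -> str:
    """Policy step: identity plus endpoint status gives an abstract access level."""
    if s.user is None:
        return "deny"
    # A check that is missing from the report counts as failed.
    if not all(s.posture.get(c) is True for c in REQUIRED_CHECKS):
        return "quarantine"
    # Assumed policy: MAC-only authentication never earns more than guest access.
    if s.auth_method == "mac" or s.group != "employees":
        return "guest"
    return "staff"

def enforce(level: str, mode: str):
    """Enforcement step: express the same level in one admission scenario."""
    if mode == "go/no-go":
        return level in ("guest", "staff")   # quarantine collapses to no-go
    if mode == "vlan":
        return VLANS[level]
    if mode == "packet-filter":
        return ACLS[level]
    if mode == "stateful-firewall":
        # Same rules, but replies are admitted only for tracked connections.
        return {"rules": ACLS[level], "track_connections": True}
    raise ValueError(f"unknown enforcement mode: {mode}")
```

Go/no-go access has no way to represent a quarantined device short of refusing it, while the other three scenarios can admit it to a remediation path.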
