Skip Links

Network World

  • Social Web 
  • Email 
  • Close

NAC, VoIP security draw questions at Black Hat

Jericho Forum of enterprise customers to issue white paper on network access-control concerns.
By Ellen Messmer , Network World , 08/07/2006
  • Share/Email
  • Comment
  • Print

LAS VEGAS - At the Black Hat conference this week, security researchers drew attention to shortcomings in network access control and VoIP products, voicing criticisms that rang true to some enterprise network customers.

The range of NAC products on the market today to enforce endpoint security policy have fundamental design weaknesses that would let attackers bypass them through spoofing, inserting rogue servers and other methods, said Ofir Arkin, CTO at Insightix, during his presentation at the conference.

A NAC product "must be able to detect a new element connecting to the network and have the ability to verify whether or not it complies with a defined security policy," said Arkin, who categorized the NAC products today as agent-based DHCP proxy, broadcast listeners that use remote scans to identify network devices and 802.1X-based clients.

While mentioning only Cisco and Symantec NAC products by name, he detailed various attacks based on masquerading and spoofing that could foil detection across a wide range of products. He also noted that most products rely on agent software running on Windows or on proprietary switches and other equipment, which makes NAC hard to deploy in large organizations and incomplete in terms of monitored devices.

  • Share/Email
  • Comment
  • Print
Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.

Download the white paper.

Applications: taking back control

Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.

Learn more today.

Comment
Login
Forgot your account info?
Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Network World,to go. Wherever you are. Breaking news delivered to your mobile device. Select the hottest topics in networking and start receiving Network World on your mobile device today.