Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

NAC concerns for visitors

NAC concerns for laptops brought into organizations by guests
Security: Network Access Control Alert By Tim Greene , Network World , 05/03/2007
Tim Greene
Sign up for this newsletter now!

Cloud Security|Cloud computing offers advantages over building and maintaining private data centers including flexibility, reduced maintenance and operations costs and the ability to employ lower powered, lower priced personal computers.

  • Share/Email
  • Tweet This
  • Comment
  • Print

NAC is often touted as a good tool for dealing with the security of laptops brought into organizations by guests and contractors, but it has its shortcomings.

A device managed by another business that comes into a corporate network is often unlikely to accept a NAC software agent from the corporate NAC server. In such cases, the NAC server can try to download a dissolvable agent or do a scan with no agent.

If no agent is used, the scan may not be considered thorough enough to warrant granting extensive network access. In such cases, the host network may decide the best policy is to grant very limited access, such as Internet access from a restricted virtual LAN.

That would not do for consultants who need access to critical network assets in order to do their work. In such cases the IT security staff from the host company and the consultant company will likely have to get together to hammer out a compromise.

For instance, from the consultant point of view, what kind of NAC agent is acceptable? From the host network point of view, what standards will the consultant be held to? If the corporate standard is to have an updated McAfee antivirus client and the consultant firm uses Symantec, how will that be resolved?

The visiting company has other legitimate concerns. It is likely to want guarantees that any NAC software - dissolvable or not - be guaranteed not to damage its machines. Frozen laptops could cripple consultants, and they are likely to want payback if theirs seize up because of an unanticipated problem with NAC software.

None of these problems is insurmountable, but plan to negotiate with partners that need extensive network access and to develop legal agreements about their network use.

Tim Greene is senior editor at Network World.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Comments (1)
Login
Forgot your account info?

Re: NAC concerns for visitorsBy Anonymous on May 3, 2007, 8:44 pmTim - While I think over all you are correct about NAC and visitors, some of the reasons you point out are exactly the things we thought of when designing our own...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed