NAC is being used by the municipality of Fredrikstad Kommune to simplify its complex access restrictions to servers that would otherwise require individual policies and access controls. The Norway municipality set up a Juniper ISG router in the network to enforce NAC policies determined by a Juniper Infranet Controller (IC) device.

The IC can make decisions based on the person trying to access applications, the machine and the access method - LAN, WAN, VPN - and impose varying levels of security on the authorization.

For instance, one goal of the municipality of Fredrikstad Kommune was to secure printing. With Juniper’s Unified Access Control in place, uses that want to print must connect to the printers via IPSec VPN.

A presentation about this municipal implementation was made at a recent Network World IT Roadmap event held in Washington, D.C. Details of the presentations for the session are available here, you’ll have to create an account with a user name and password. There’s no questionnaire, so it’s pretty fast. Then choose Washington, D.C. from the dropdown menu.

The presentation was made by a Juniper employee, Steve Hanna, who used the municipal example as a way to highlight the use of industry standards in NAC to support multi-vendor environments. Hanna is also the co-chair of the Trusted Computing Group’s Trusted Network Connect project that writes NAC standards.

In the case of Fredrikstad Kommune, Juniper firewalls became the enforcement points for the NAC policies rather than switches, which were made by another vendor.

Tim Greene is senior editor at Network World.