The complete guide to NAC

Clarifying issues surrounding this emerging security architecture

There's a NAC book that just came out that gives a pretty good overview of NAC and how businesses might weigh its value.

Called Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control, it is a resource for network professionals trying to get grounded in the technology. It also goes into more detail by delving into the specifics of different scenarios for deployment.

The author, Daniel V. Hoffman, spends a good chunk of the book laying down the main NAC architectures as he sees them - Cisco, Microsoft and Trusted Computing Group. He also spends a chapter talking about what businesses might hope to achieve with NAC, which is a very useful topic. (Compare NAC products)

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

There's a NAC book that just came out that gives a pretty good overview of NAC and how businesses might weigh its value.

Called Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control, it is a resource for network professionals trying to get grounded in the technology. It also goes into more detail by delving into the specifics of different scenarios for deployment.

The author, Daniel V. Hoffman, spends a good chunk of the book laying down the main NAC architectures as he sees them - Cisco, Microsoft and Trusted Computing Group. He also spends a chapter talking about what businesses might hope to achieve with NAC, which is a very useful topic. (Compare NAC products)

He then expands on this with subsequent chapters on why customers might need LAN-based NAC and separately why they might need mobile NAC. These chapters walk readers through possible threats facing those environments and which of those threats users might hope to mitigate using NAC.

This is one of the more useful parts of the book because it methodically explains the critical aspects of access security NAC addresses. For some, it may be too high level, however, for those just coming to the table, it does set a good framework for further consideration of the technology.

Then other chapters go on to discuss both flavors of Cisco NAC, Microsoft’s NAP and how to understand both NAC and NAP as they relate to other products. Chapter 8 addresses Fiberlink’s Mobile NAC service, an inclusion that seems less odd when you consider that Hoffman works for Fiberlink, a fact not mentioned in Hoffman’s biography on the book cover. There are other mobile NAC vendors, and the book would be better if it talked about them, too.

Regardless, this 266-page book is a solid introduction to the basics of NAC that can serve as a foundation for more detailed research. It’s published by Wiley and its International Standard Book Number is 978-0-470-23838-7. (An ISBN is like an IP address for books.)

Read more about security in Network World's Security section.

Tim Greene is senior editor at Network World.