Skip Links

Network World

  • Social Web 
  • Email 
  • Close

(Comma separation for multiple addresses)
Your Message:

Getting more than you bargained for with NAC

NAC can act as a backstop to other applications
Security: Network Access Control Alert By Tim Greene , Network World , 11/06/2008
Tim Greene
Sign up for this newsletter now!

Cloud Security|Cloud computing offers advantages over building and maintaining private data centers including flexibility, reduced maintenance and operations costs and the ability to employ lower powered, lower priced personal computers.

  • Share/Email
  • Tweet This
  • Comment
  • Print

NAC is supposed to do a lot of things, and once it's installed customers are finding that often NAC does even more than they bargained for.

One of these things is that NAC can act as a backstop to other applications such as patch management that are supposed to maintain the proper corporate desktop image. Many customers say that when their NAC gear tests the health of endpoints, it often discovers that machines that should have been patched have not been or that updates that should have been installed haven’t.

One customer actually had statistics on the improvements. With patch-management software alone, 70% of endpoints were actually patched within 30 days of when the distribution started. With NAC in place checking for unpatched machines as part if its tests, that compliance jumped to 99% within 7 days.

Similarly, the same customer found that vulnerabilities on its endpoints dropped significantly after NAC was installed. On its 50,000-endpoint network, the average number of vulnerabilities was 4.3 per machine. After NAC was in place and testing for some of the items that accounted for vulnerabilities, that number dropped to 1.3 per machine.

While some may debate whether NAC is an effective security platform – and some well informed security experts say it is not – it is undeniably a risk-mitigation tool. Having patched operating systems, updated antivirus and personal firewalls that are properly configured and turned on all contribute to lower risk. As these numbers from an actual user demonstrate, the benefits can be dramatic.

Tim Greene is senior editor at Network World.

  • Share/Email
  • Tweet This
  • Comment
  • Print
Comments (1)
Login
Forgot your account info?

Some good pointsBy Anonymous on January 27, 2009, 11:47 pmNetworking people usually only think about the network, so they're quick to ignore that computers are usually the mechanism that people use to wreak havoc. People...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed