What's the Conficker worm got to do with NAC?
Conficker is a classic black-and-white case in favor of using NAC to fight infection
The Conficker worm doesn't directly have anything to do with NAC, but as is the case when any pervasive attack becomes high profile, vendors leap in to point out how their products could have prevented the problem.
In the case of NAC products and Conficker, this is pretty much true. The worm takes advantage of a Windows flaw for which a patch has been written, but that patch has not been applied on as many as a third of Windows machines, according to some estimates.
If NAC were in place for all machines attaching to networks, machines without the required patch could be denied access. So if the vulnerability has been exploited, the infected machines won’t be able to spread the worm around on a corporate network because they won’t be able to gain access.
And even if an infected machine does gain access, post-connect NAC could block the worm's probing and propagating behavior, or the machine could be knocked offline altogether.
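The two checks described above, pre-connect admission and post-connect behavior monitoring, sketched as an added example that is not from the article or any NAC product. The patch identifier is a placeholder, and the field names, time window and peer threshold are assumptions chosen for illustration.

```python
from collections import defaultdict
from enum import Enum

# Assumptions (not from the article): the patch identifier is a placeholder,
# and the field names, window and threshold are illustrative.
REQUIRED_PATCHES = {"KB-PLACEHOLDER"}
WINDOW_SECONDS = 60
MAX_DISTINCT_PEERS = 20

class Decision(Enum):
    ALLOW = "allow"
    DENY = "deny"
    BLOCK = "block"

def pre_connect(posture):
    """Admission check: deny any host missing a required patch."""
    missing = REQUIRED_PATCHES - set(posture.get("installed_patches", []))
    return (Decision.DENY, sorted(missing)) if missing else (Decision.ALLOW, [])

def post_connect(flows):
    """Flag admitted hosts whose connections fan out to many distinct peers
    within one sliding window, the probing pattern of a propagating worm.
    flows: iterable of (timestamp_seconds, src, dst), sorted by time."""
    recent = defaultdict(list)   # src -> [(ts, dst)] still inside the window
    verdicts = {}
    for ts, src, dst in flows:
        window = [(t, d) for t, d in recent[src] if ts - t < WINDOW_SECONDS]
        window.append((ts, dst))
        recent[src] = window
        if len({d for _, d in window}) > MAX_DISTINCT_PEERS:
            verdicts[src] = Decision.BLOCK      # sticky once set
        else:
            verdicts.setdefault(src, Decision.ALLOW)
    return verdicts

# Constructed sample data, for illustration only.
PATCHED = {"host": "pc-01", "installed_patches": ["KB-PLACEHOLDER"]}
UNPATCHED = {"host": "pc-02", "installed_patches": []}
# pc-03 touches 30 different peers in 30 seconds; pc-01 talks to one server.
SAMPLE_FLOWS = sorted(
    [(i, "pc-03", f"10.0.0.{i + 1}") for i in range(30)]
    + [(i * 10, "pc-01", "10.0.1.5") for i in range(6)]
)

if __name__ == "__main__":
    for p in (PATCHED, UNPATCHED):
        print(p["host"], pre_connect(p))
    print(post_connect(SAMPLE_FLOWS))
```

A host that fails `pre_connect` never reaches the monitored segment; `post_connect` covers the case the article raises, where an infected machine is admitted anyway.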
So this is the classic black-and-white case in favor of NAC if fighting off this particular infection is important enough.
By all reports Conficker, AKA Downadup, is difficult to remove and alters PC settings to make it difficult for machines to get the needed Microsoft patch or connect to Web sites likely to contain instructions on how to remediate the worm. It’s a good exploit to avoid if possible.
In any case, Conficker on its own is probably not a sufficient reason to run out and buy a NAC product, but it is emblematic of a category of problem that NAC can effectively address.
Tim Greene is senior editor at Network World.
Comments (14)
Yes but we already do this...
By Just Some Guy on January 27, 2009, 7:46 am
...at the network level, where it belongs. Pretty much every time the Windows boxes go and get themselves in a knot with the latest worm. At this point it's practically...
What is NAC
By Anonymous on January 27, 2009, 8:35 am
How can anyone understand your article (outside geekworld) if you don't say what NAC is?
"How can anyone understand your article (outside geekworld) if y
By Anonymous on January 27, 2009, 8:52 am
"How can anyone understand your article (outside geekworld) if you don't say what NAC is?" Instructions: 1. Ctrl+T (this will open a new tab) 2. www.google.com Complaint...
Article Too Confusing
By Anonymous on January 27, 2009, 10:55 am
How can anyone understand your article when you don't even explain what these 'Windows machines' are?
We don't have to worry about NAC
By Anonymous on January 27, 2009, 11:04 am
If you were to install Ubuntu Intrepid Ibex as your operating system you wouldn't have to go around installing unknown packages like NAC
Take your idiotic Linux
By Anon on January 27, 2009, 11:53 am
Take your idiotic Linux proselytizing elsewhere. NAC is an enterprise product not a desktop product. Enterprises do not run Linux desktops. Why? Because it's completely...