Network Access Control (NAC) Rules that we set for a Network....

Published: July 6, 2021, 3:44 a.m.


Hello everyone, my name is Vijay Kumar Devireddy and I am glad to have you back on my episode 53. Today we are discussing Network Access Control.

Network Access Control, or NAC, is used to protect your network from both known and unknown devices. With NAC, a device is scanned to determine its current state of security prior to it being allowed access to your network. Now, NAC can be used for computers that are within your internal network, physically located in your buildings and connected to it, or it can be applied to devices that connect to your network remotely through a VPN.

When a device attempts to connect to the network, it's placed into a virtual holding area while it's being scanned. Now, the device here can be checked for a number of different factors, including its antivirus definitions to make sure they're up to date, the status of its security patching, and other items that might introduce security threats into the network if you allowed it to connect. If a device passes this examination, it's allowed to enter and receive access to all of the organizational resources that are provided by your network. If the device fails the inspection, though, it's instead placed into a digital quarantine area, where it awaits remediation. While it's in this area, the device can receive its antivirus updates, it can get its operating system patches, and any other security configurations and services it needs. But it can't logically communicate with other portions of the network. That's why it's been placed in quarantine. Like a bad child, the device has been placed in time out until it can be rehabilitated and meet the requirements of the initial NAC examination. Once it successfully meets those requirements, it's then moved into the network and receives full access, again, to your organizational resources.

Now, NAC solutions can be run using either Persistent or Non-Persistent Agents. A Persistent Agent is a piece of software that's installed on a device that's requesting access to the network. This works well in a corporate environment because the organization owns all the devices and controls their software baselines, but it doesn't work really well in an environment where people bring their own devices. Instead, you might want to use a Non-Persistent Agent for this. The Non-Persistent Agent solution was developed for, and is very popular on, college campuses where people bring their own devices in. These solutions require the users to connect to the network, usually over Wi-Fi, and then go to a web-based portal for login, where they have to click a link. When they click that link, it downloads an Agent onto their computer, scans the device for compliance, and deletes itself from the user's machine once it's done.

Network Access Control can be offered as a hardware or a software solution. One of the most commonly used Network Access Control mechanisms is called the IEEE Standard 802.1X, and it's used in port-based Network Access Control. Now, most NAC is actually built on top of this 802.1X standard. We're going to discuss the 802.1X standard in more detail in a future lesson, though.
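The admission flow described above (holding area, posture scan, quarantine with remediation-only access, re-scan, full access) can be modelled in a few lines. This is an added example, not code from the episode or from any NAC product; the host names, the 7-day antivirus threshold and all function names are assumptions made for illustration.

```python
from dataclasses import dataclass, field

# Constructed policy values (assumptions); a real deployment sets its own.
MAX_AV_AGE_DAYS = 7
REMEDIATION_HOSTS = {"av-update.example.internal", "patch.example.internal"}

@dataclass
class Device:
    name: str
    av_age_days: int                       # age of the antivirus definitions
    missing_patches: set = field(default_factory=set)
    segment: str = "holding"               # every device starts in the holding area

def posture_failures(dev):
    """Return the checks the device fails (empty list means compliant)."""
    failures = []
    if dev.av_age_days > MAX_AV_AGE_DAYS:
        failures.append("av_definitions_stale")
    if dev.missing_patches:
        failures.append("patches_missing")
    return failures

def admit(dev):
    """Scan the device and place it in 'production' or 'quarantine'."""
    dev.segment = "quarantine" if posture_failures(dev) else "production"
    return dev.segment

def may_connect(dev, dest):
    """Segment ACL: quarantine reaches remediation hosts only, holding reaches nothing."""
    if dev.segment == "production":
        return True
    return dev.segment == "quarantine" and dest in REMEDIATION_HOSTS

def remediate(dev):
    """Pull updates from the remediation hosts, then re-run the admission scan."""
    if not all(may_connect(dev, host) for host in REMEDIATION_HOSTS):
        raise PermissionError("device cannot reach the remediation hosts")
    dev.av_age_days = 0
    dev.missing_patches.clear()
    return admit(dev)

if __name__ == "__main__":
    # Constructed sample device: stale definitions and one missing patch.
    laptop = Device("byod-laptop", av_age_days=30, missing_patches={"os-patch-1"})
    print(admit(laptop))
    print(may_connect(laptop, "fileserver.example.internal"))
    print(remediate(laptop))
```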
