By Topic

Network access control (NAC): An open source analysis of architectures and requirements

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Serrao, G.J. ; Senior Tech. Dev. Program, Nat. Security Agency (NSA), Fort Meade, MD, USA

The main goal of NAC is to extend the security of networks to the end-point by measuring the authenticity, integrity and security posture of each end-point prior to granting network access. To do this, the following functional areas must be present: authentication/authorization, assessment of security posture, quarantine and remediation. This paper presents an overview of an in-depth NAC requirement analysis performed against three NAC products based entirely on open source literature. The emphasis of the analysis was to define functional and security gaps across all products and make recommendations to improve the overall security and interoperability of NAC products. This paper identifies: 1) Key design and implementation choices that are required based on stakeholder requirements 2) Areas where NAC does not meet stakeholder(s) requirements 3) Areas that have not been adequately defined for implementation 4) Recommendations to improve the security posture of NAC products. An analysis of each product is performed in the following areas: 1) System Administrator Interface and Policy Settings 2) Authentication 3) Integrity Measures 4) Remediation 5) Security 6) Functional 7) Non-Functional This analysis and research of NAC lead to seven general recommendations for improving the security of NAC products and four recommendations for deploying and implementing them.

Published in:

Security Technology (ICCST), 2010 IEEE International Carnahan Conference on

Date of Conference:

5-8 Oct. 2010