TechTonic Times

Security I Networking I Storage I IT Staffing I Managed Services

3 Network Access Control objections: a.k.a ‘alternative facts.’

Network Access Control Objections

I have heard my share of Network Access Control objections (NAC), but these three (3) have a following; a movement of sorts:Network Access Control Objections

  1. “We have a firewall-so we don’t need to worry about NAC.”
  2. “Our wireless controller already has a built-in system like this.”
  3. “We already use Mobile Device Management  (MDM) to ensure security of our devices.”

There is nothing better than a movement for a worthy cause. Consider the Women’s march in DC on January 21, 1017?

I stand with those women.

However, the focus of this post, is Network Access Control objections. [Further reading: Critical Security Controls:What’s NAC got to do with it].

The truth,  neither knows, nor has it e-v-e-r known an alternative, except, for its opposite—

A Lie.

There are, however,  alternatives to Network Access Control, a.k.a  consequences to negligence and or poor decisions.

Here are some considerations for the Network Access Control objections stated above:

Firstly, even Next Generation firewalls cannot perform access control on guests or BYODs. They can only do so on managed/Active Directory devices. Furthermore, firewalls are built to focus on the traffic coming in from the outside. The inside threat, an organization’s own users, pose the greatest risk to their network.

Imagine that?  Your allies are also your enemies. A conundrum, if ever there was one.

Secondly, NAC handles your wired and VPN networks as well. It also focuses on the enhancement of  the devices on your network, in ways that wireless controllers do not. For example, can wireless controllers check for anti-virus software or can they check on OS patch level policies?

And thirdly, Mobile Device Management  (MDM) software will not ensure the security of your devices.

Here are three (3) reasons why:

  1.  MDMs cannot take action on a device that is deemed a security threat?
  2.  MDMs will not address the Windows and OSx machines on your network?
  3. Have you considered the outcome if someone removes the MDM client from your phones, which would cause a blind spot? What policy do you have in place to address this occurrence?

Are  you now willing to vet Network Access Control solutions? If so, please contact us.

If not, consider the current Security Climate. Are you able to identify the Internet of Things (IoT) devices that connect to your network?

Beyond these recommendations to implement a sound Network Access Control solution, ‘alternative facts,’ may be the ‘right’ alternative for you.

Sources: 

 

It's only fair to share...Share on Facebook
Facebook
0Tweet about this on Twitter
Twitter
Share on LinkedIn
Linkedin

One thought on “3 Network Access Control objections: a.k.a ‘alternative facts.’

  1. I really admire the valuable information you have been able to share us through this post. I think MDM or MAM policies simply stop working as users collaborate with business partners, thereby identifying different ways in exchanging information.

Leave a Reply