What is network access control (NAC)?

Network access control (NAC) is a type of security software solution that controls who can access a network and in what capacity. These security solutions provide network visibility and access management by enforcing the security policies on connected devices across the network.
Network access control (NAC) solutions work by using your directory system or multi-authentication platform and enforcing security policies on every device that attempts to connect to your network.
Since NAC solutions are rule-based, you can set different access rules according to the role of the entity that tries to connect, and the NAC will enforce them. For instance, a college student would have more access to the college’s network than a guest would.
Every time an entity, device, or user wants to access your network, the NAC solution looks at the person’s role, the level of permissions, and how the device aligns with the security policies you’ve stated previously. Then it blocks or allows the connection based on the rules.
The exponential growth of mobile devices connecting to networks also exponentially increases the possible attack surface. Every connected device represents a potential entry point for an attacker. Thus, it is critical to provide visibility, access control, and compliance to the network security infrastructure.
NAC systems can block or allow access to devices that don’t comply with the security rules. They can also quarantine malicious packets and restrict access to computer resources. As such, NAC is a solution that works to prevent unauthorized access to a network.
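The rule evaluation described above (role from the directory, permissions per role, device compliance, then block, allow or restrict), as an added example that is not part of the original article or any NAC product's code. All names, the sample directory, the policy and the `remediation` segment are assumptions constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Device:
    mac: str
    os_patched: bool
    antivirus_running: bool

@dataclass(frozen=True)
class Rule:
    segments: frozenset      # network segments this role may reach
    required_posture: tuple  # Device attributes that must all be True

# Constructed sample data: directory (user -> role) and per-role rules.
DIRECTORY = {"alice": "student", "bob": "guest"}
POLICY = {
    "student": Rule(frozenset({"internet", "library", "coursework"}),
                    ("os_patched", "antivirus_running")),
    "guest": Rule(frozenset({"internet"}), ()),
}
REMEDIATION = frozenset({"remediation"})  # assumed restricted segment for failed posture

def authorize(user, device, directory=DIRECTORY, policy=POLICY):
    """Return (verdict, reachable_segments, failed_checks) for a connection attempt."""
    rule = policy.get(directory.get(user))
    if rule is None:
        # Default deny: unknown user, or a role with no rule defined.
        return ("deny", frozenset(), ())
    failed = tuple(c for c in rule.required_posture if not getattr(device, c))
    if failed:
        # Known role but non-compliant device: restricted access only.
        return ("restrict", REMEDIATION, failed)
    return ("allow", rule.segments, ())

if __name__ == "__main__":
    laptop = Device("02:00:00:00:00:01", os_patched=True, antivirus_running=True)
    stale = Device("02:00:00:00:00:02", os_patched=False, antivirus_running=True)
    for user, dev in [("alice", laptop), ("alice", stale),
                      ("bob", stale), ("mallory", laptop)]:
        print(user, dev.mac, authorize(user, dev))
```

The unknown user is denied even with a compliant device, and the failed check names returned with a `restrict` verdict tell the help desk what the device owner has to fix.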
Some experts argue that there is no longer a need for network access control when most of the applications and workloads of organizations today are in the cloud. Since most companies allow the use of personal devices for work (BYOD or “bring your own device”) and due to the widespread usage of IoT (internet of things), it may seem irrelevant to try to defend a network perimeter.
Next-generation NAC solutions address these concerns and have evolved to include hybrid cloud, distributed networks, and wireless endpoints (like IoT and BYOD). With the increasing numbers of organizations moving to the cloud, there is a need for NAC solutions that provide the visibility and accuracy necessary for the handling of complex networks.
Wireless network access control, or 802.1X network access control, is an Institute of Electrical and Electronics Engineers (IEEE) standard for network access control that covers wired and wireless access points. This standard defines the authentication controls for users or devices that try to access a LAN (local area network) or WLAN (wireless local area network).
Traditional network access control doesn’t address issues caused by wireless network access, BYOD (bring your own device), and cloud computing. This expanded attack surface results in increased exposure of the perimeter to threats.
The new distributed attack surface results in an evolution of what the NAC needs to protect. Formerly, the network access control only had to monitor and protect a perimeter of connected devices. Nowadays, the NAC also needs to protect the network from wireless devices and access points. Wireless NACs do exactly that.
Network access control solutions differ in capabilities, but here are some key features that are common to all of them:
There are three main reasons you should invest in network access control:
NAC helps you answer the following questions:
By providing increased visibility, protection, and performance, a NAC solution can help keep devices monitored and access managed regardless of the device or user.