How do VPNs fit within enterprise network access control architectures like NAC and NAP?

NAC and NAP security architecture offer similar endpoint security solutions as SLL VPNs. NAC and NAP architecture differs from an SSL VPN because they treat internal users as possible threats.

SSL VPN products started offering the endpoint security techniques that I just described long before those access control architectures became popular inside corporate LANs. Those architectures turn the corporate LAN inside out by treating every user and every device -- local or remote -- as potentially unknown, potentially infected, and thus potentially dangerous. Companies are used to dealing with remote access users this way -- NAC architectures just apply this philosophy to local users too.

Cisco's NAC architecture can use the Cisco 3000 VPN concentrator as a network access device -- a NAD is an element that sits at the edge of a protected network to permit/deny access and enforce admission decisions. The key component of Microsoft's NAP is not yet released, and Microsoft's architecture does not officially incorporate any specific VPN products. However, many VPN vendors have expressed their intent to support NAP.

This doesn't translate into a lot of NAC- or NAP-capable VPN products today. However, those architectures are still in their early days, and I do expect to see much broader VPN support for NAC and NAP in the future.

This was last published in December 2007

Dig Deeper on Virtual Private Network (VPN)

PRO+

Content

Find more PRO+ content and other member only offers, here.

Start the conversation

Send me notifications when other members comment.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Please create a username to comment.

-ADS BY GOOGLE

MicroscopeUK

SearchCloudProvider

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchConsumerization

SearchDataManagement

SearchBusinessAnalytics

Close