Get started Bring yourself up to speed with our introductory content.

How do VPNs fit within enterprise network access control architectures like NAC and NAP?

NAC and NAP security architecture offer similar endpoint security solutions as SLL VPNs. NAC and NAP architecture differs from an SSL VPN because they treat internal users as possible threats.

SSL VPN products started offering the endpoint security techniques that I just described long before those access control architectures became popular inside corporate LANs. Those architectures turn the corporate LAN inside out by treating every user and every device -- local or remote -- as potentially unknown, potentially infected, and thus potentially dangerous. Companies are used to dealing with remote access users this way -- NAC architectures just apply this philosophy to local users too.

Cisco's NAC architecture can use the Cisco 3000 VPN concentrator as a network access device -- a NAD is an element that sits at the edge of a protected network to permit/deny access and enforce admission decisions. The key component of Microsoft's NAP is not yet released, and Microsoft's architecture does not officially incorporate any specific VPN products. However, many VPN vendors have expressed their intent to support NAP.

This doesn't translate into a lot of NAC- or NAP-capable VPN products today. However, those architectures are still in their early days, and I do expect to see much broader VPN support for NAC and NAP in the future.

Dig Deeper on MSPs and cybersecurity

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.