NAC security: Network access control policy, product best practices

A network access control (NAC) policy can make or break the security of your customer's network. Learn about the benefits of NAC and implementation in this cheat sheet comprised of our best NAC security content.

A network access control (NAC) policy restricts endpoint access based on the device's compliance with a defined security policy. Offering this form of network security can bolster your security offerings and increase business opportunities.

In this NAC security mini guide we've gathered some of our best content on network access control and its role in an organization's infosec strategy. You'll learn about the benefits of NAC, and how to implement a network access control policy in your customers' networks. This guide will also cover how NAC technologies can improve endpoint security and NAC's role in achieving regulatory compliance.

Table of contents

Network access control defined

Pros and cons of network access control

Forms of network access control

NAC's role in regulatory compliance

Implementing NAC security products

Network access control policy for endpoint protection

CISSP: Access control policy and system basics

Network access control: A broad definition

What exactly is NAC? How do you compare NAC products? While NAC technologies continue to expand, Andrew Braunberg, senior analyst with the Washington, D.C.-based consultancy Current Analysis, defends an expanded definition that would leverage NAC as a truly ubiquitous access control system.

In this tip, learn more about NAC security and products and gain a better understanding of all the components of a network access control policy.

Making sense of network access control

Network access control is known for its complicated nature and difficult implementation. Due to the technology's setbacks, many organizations are left questioning if NAC implementation is beneficial.

In this tip, analyst Paul Roberts guides you through the pros and cons of network access control, as well as reseller benefits and opportunities so you can determine if NAC technology is a good fit for your customers.

Hot Spot Tutorial: NAC security

There are a variety of network access control technologies out there, which can lead to confusion among clients looking simply to protect their network against unprotected systems.

For more information on NAC security:

Think you already know enough about NAC? Test your knowledge in this domain of our CISSP Study Guide

Learn about the rising popularity of NAC in this Tech Watch.

Here value-added resellers (VARs) and systems integrators (SIs) can gain learn about the many forms of NAC, including their individual benefits and implementation pros and cons, in order to help clients determine which technology suits them best.

NAC's role in regulatory compliance

Regulatory compliance has been driving security services across all industries, thanks to regulations like PCI DSS and HIPAA, so it's imperative that organizations understand how network access control technologies fit into an overall compliance strategy.

Here we discuss whether NAC is a compliance enabler or detractor.

Implementing NAC security products

Network access control means different things to different people, and there are several ways of implementing NAC products -- as infrastructure-based solutions, drop-in appliances or endpoint software.

Learn how to determine the best NAC product implementation based on your customer's needs, such as cost, difficultly of installation and infrastructure standards.

Using a network access control policy for endpoint protection and compliance

Whether you're considering network access controls (NAC) for the first time or are deep into a company-wide deployment, this lesson will show you how to use a network access control policy and NAC tools to develop an endpoint protection security strategy.

You will learn how to properly integrate NAC technology amongst already existing security tools, and how network access control can help corporations overcome compliance woes.

CISSP Spotlight article: Domain 2, Access Control

Access controls enable the protection of security assets by restricting access to systems and data by users, applications and other systems.

In this CISSP Training Security School lesson on CISSP Domain 2, Access Control, learn how access controls support the core security principles of confidentiality, integrity and availability by inducing subjects to positively identify themselves and prove they possess the appropriate credentials, rights and privileges to obtain access to the target resource and its information.

Dig Deeper on Identity and access management (IAM) security services