Problem solve Get help with specific problems with your technologies, process and projects.

NAC's role in regulatory compliance

Network access control technologies have been touted as a network security one stop answer. However, NAC, while vast in potential, has its limitations. Here we look at how network access control offers many answers to regulatory compliance requirements, but asks more questions of its own.

NAC Crash Course
Our Network Access Control Crash Course is designed to keep value-added resellers and systems integrators up to speed on this changing market.

Network access control technologies have been touted as a one stop answer for network security. However, NAC, while vast in potential, has its limitations. Here we look at how network access control offers many answers to regulatory compliance requirements, but asks more questions of its own.

 

Network access control: Compliance enabler or detractor?

One of the hottest spaces in the security space is network access control (NAC), and predictably all of the vendors are positioning the compliance "virtues" of the technology. But is there any truth to their claims? Should customers be looking at NAC to solve their compliance woes?

NAC is about ensuring only the right people get access to the right resources. It works by performing "pre-admission" scans to ensure devices are both authorized and not contaminated with malware when joining the network. Once on the network, NAC solutions then switch into "post-admission" control mode where they are making sure that each endpoint is accessing authorized resources and don't start behaving erratically. Of course, we're still early in the adoption of NAC and the vision is not yet the reality – but that's the idea.

Learn more about network access control's effectiveness as a compliance manager.

About the author
Mike Rothman is President and Principal Analyst of Security Incite, an independent information security research firm. Having spent over 15 years as an end-user advocate for global enterprises and mid-sized businesses, Mike's role is to educate and stimulate thought-provoking discussion on how information security contributes to core business imperatives. Prior to founding Security Incite, Mike was the first network security analyst at META Group and held executive level positions with CipherTrust, TruSecure and was a founder of SHYM Technology. Mike is a frequent contributor for TechTarget and a highly regarded speaker on information security topics. Keep track of Mike's musings via The Daily Incite newsletter.


Dig Deeper on Regulatory compliance with cybersecurity laws and regulations

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

MicroscopeUK

SearchSecurity

SearchStorage

SearchNetworking

SearchCloudComputing

SearchDataManagement

SearchBusinessAnalytics

Close