On BNET: 5 classic computer pranks
BNET Business Network:
BNET
TechRepublic
ZDNet

August 5th, 2006

Don't bother with NAC

Posted by Richard Stiennon @ 10:22 am

Categories: Secure Network Fabric, Security

Tags:

At BlackHat this week Ofir Arkin, CTO of a network scanner and asset management vendor Insightix points out a few technical issues with the way NAC, as envisioned by Cisco, is currently designed. Among them:

 

  • DHCP.  Static IP addresses can bypass DHCP which is a primary means of enforcement for some NAC solutions.
  • 802.1x  Spoofing exempt devices and using Network Address Translation can bypass NAC.
  • Endpoint assessment.  Patching delays mean your endpoint is vulnerable anyway.

All good points but I believe technical arguments against NAC, Network Admission Control, are out-weighed by more fundamental problems with trusting endpoints to report their health. See my column on NAC vs Secure Network Fabric published last week.

The confusing thing about this debate is that those companies that do Network Access Control use the NAC acronym as well.  To keep it simple just remember: Access Control, good. Admission Control, bad.

 

 

Richard Stiennon is an industry consultant. See his full profile and disclosure of his industry affiliations.

  • Talkback
  • Most Recent of 3 Talkback(s)
Perfection
SO when will any other security technology be perfect? The only perfect approach I can think of for security is complete lockdown. Air gap firewalls are great security, ut they make it all but impossi... (Read the rest)
Posted by: adhils Posted on: 08/09/06 You are currently: a Guest | | Terms of Use
NAC  adhils | 08/07/06
So when will NAC be perfect?  RStiennon | 08/08/06
Perfection  adhils | 08/09/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Essential Topics Click Here

advertisement

Recent Entries

Top Rated

    advertisement

    Archives

    Favorite Links

    ZDNet Blogs

    White Papers, Webcasts, and Downloads

    • Smart Tech Expert advice on innovations in healthcare and the green technologies that make it happen. Find out more
    • Smart Business Discussion and advice on management issues that revolve around making your world smarter and more useful. More Smart Advice
    • Smart People The best and worst moves in the management and strategy trenches. Learn More