In today’s world, smart devices and great new applications are everywhere. Along with making our lives easier, they make the lives of security admins and chief information security officers (CISOs) a nightmare. To state the issue in laymen’s terms: BYOD policy and rogue applications are akin to the Trojan horse inside the sophisticated network perimeter defenses.
I ran across a recent IDG infographic sponsored by ForeScout you can find [here] that highlighted the concerns from the security admins up to the CISO themselves. In nearly every category the end-point configuration violations, rogue devices, BYOD, and rogue applications are listed at the top of their concerns with no anticipation of improvement.
So how does an organization address this challenge? Of course, strong perimeter defenses are critical. Having a good security analytics tool in the form of a security information and even management (SIEM log management) solution is also important. However, arguably, the most critical piece protecting organization against rogue devices from within is a network access control (NAC) system.
Early NAC solutions offered a basic allow/deny scheme based on MAC address of an endpoint machine. With personal mobile devices becoming ubiquitous, market demanded a more sophisticated solution to control network access. As a result, the next-generation of NAC offerings started coming to market. These systems are quickly becoming indispensable security platforms that offer a wealth of functionality predicated on the importance of dynamic endpoint intelligence and policy-based remediation. A next-generation NAC solution can dynamically identify, inspect and control all network-connecting devices, including, wired, wireless and remote endpoints. Furthermore, the solution can enforce compliance and implement threat mitigation. Here is a quick list of how these new advanced NAC technologies can be used to protect an enterprise network:
- Identify, profile and monitor in real time all network-attached endpoints
- Discover and remove unauthorized devices and rogue wireless access points
- Manage corporate-owned mobile devices and reassign employee-owned mobile devices to guest VLANs
- Terminate and/or block unauthorized applications running on a device
- Ensure endpoint device compliance (e.g., OS patches, anti-virus updates, etc.)
- Continuously monitor endpoints to identify signs of compromise or non-compliance
- Respond to policy violations, including guided and automated endpoint remediation
- Share intelligence with SIEM and IPS tools on the enterprise network for greater visibility and enhanced security posture
The list of NAC benefits is extensive and it can also be germane to achieving and substantiating compliance with a wide variety of IT Governance, Risk Management, and Compliance (GRC) requirements. So if these are the big concerns and a NAC can solve the problem, why aren’t there more NACs out there in operation? The answer is simple. Legacy NACs have a reputation of being complex to install and hard to manage, even when improved with newer next-gen features. That’s why at SwishData we partnered with ForeScout. Their solution was built from the ground up as a next-generation NAC that is not complex or hard to manage. You can see more about their solution [here].