Skip to main content

Learning About NAC From Higher Education

August 25, 2010

Network Access Control (NAC) is something that people are talking about everywhere, whether they realize it or not. It’s not that they are determining how to utilize standards such as 802.1X, IF-MAP and MS-NAP, or marveling at how cool and exciting they might be. Instead, the discussions are around business decisions and initiatives that are being driven by business challenges and needs. These challenges and needs relate to NAC.

For instance, NAC has been finding increased traction within the traditional enterprise as businesses expand their use of SaaS solutions and cloud services. Just think about how many sales organizations have implemented online cloud-based CRM offerings such as Salesforce.com or NetSuite. More and more companies are moving away from purely in-house solutions, and looking at MSPs and saying, “I want you to manage my X” or “I want to leverage your infrastructure to do Y.”   As a result, companies are employing a combination of on-premise equipment and cloud services. And, oftentimes, that erodes their security focus. Instead of discussing NAC strategies and how they can help protect corporate assets, companies talk about how they can secure the cloud services, SaaS, and other services beyond their perimeters that they don’t necessarily control.

NAC is also finding its place as growing IT environments become increasingly difficult to manage and maintain. A homogenous Windows environment may still have four different flavors of Windows running, two different versions of Windows server… you get the point.  That is a challenge in and of itself, but add the need to support Smartphones (Androids, iPhones, Blackberries, etc), iPads, hand scanners, you name it, and you’ve got a growing, disparate environment that is further dissolving the hard perimeter of yesteryear. Don’t forget about trends such as telecommuting! The results? A management conundrum as the perimeter continues to deteriorate.  The big question is: how do we secure all those devices?

Higher education has been successfully dealing with these very challenges for quite some time. Students want to use divergent technologies, such as laptops for doing schoolwork, Smartphones, gaming consoles, and DVRs, all of which connect to the network and want Internet access. This alone creates a heterogeneous environment that is challenging to manage. Higher education institutions have responded in a number of ways including strategically using NAC to adapt effectively to the hyper-changing environments.

Rather than trying to control and manage every end point, NAC audits the end point and enforces access based on the results. Auditing end points enables organizations to provide healthy networking environments. This concept can be equated to secondary school requirements that parents deal with every year - every child must have an annual doctor’s check-up and be up-to-date on certain immunizations so that he or she can attend school. Within information security, organizations can see whether or not a user has up-to-date antivirus software, a firewall running, etc., segregate them into the environment based on the results, and allocate specific resources to the user to make them healthy. For example, if a user doesn’t have the latest antivirus software, the organization can restrict access to all network resources except those necessary to update their antivirus software. The user is granted access to the rest of the network only after the antivirus software is downloaded.

Commercial organizations are now revisiting NAC and looking at the solutions and strategies that Higher Education as employed. Do you think it’s possible for them to achieve this level of control?


    Jason Prost

By: Jason Prost

Vice President, Core Services

See More

Related Blogs

May 17, 2018

Dear Board of Directors, It’s Time to Do the Right Thing and Elevate IAM

I talk with IT executives regularly and have noticed a trend across industries that is concerning. While the threat of a data breach looms large on th...

See Details

April 20, 2018

Customization of IAM Solutions: Risks of Having it Your Way

Forty years ago Burger King launched a revolution in customization, declaring that they could provide you the power of creating your perfect burger co...

See Details

April 03, 2018

Escape and Evasion Egressing Restricted Networks – Part 2

Attackers and security assessors alike are utilizing a technique called domain fronting, which masks malicious command and control (C2) traffic. This ...

See Details

How Can We Help?

Let us know what you need, and we will have an Optiv professional contact you shortly.


Privacy Policy

RELATED INSIGHTS

January 24, 2018

Identity and Access Management Capabilities

We can help enable your business while reducing risk.

See Details

July 21, 2015

Network Security Solutions

Learn how we help protect your environment while maintaining connectivity.

See Details

August 20, 2014

How to determine the best NAC (Network Access Control) Solution for Your Needs

The power of Network Access Control (NAC) to regulate access to corporate network resources and bolster the security of a proprietary network via a de...

See Details

Stay in the Know

For all the latest cybersecurity and Optiv news, subscribe to our blog and connect with us on Social.

Subscribe

Join our Email List

We take your privacy seriously and promise never to share your email with anyone.

Stay Connected

Find cyber security Events in your area.