You can learn network access control solutions in a few minutes. IP address connection, local connection will also be mentioned in this article.
Recently, there have been many disputes over what constitutes a "complete" network access control solution. The definition of initial network access control (such as host status check, isolation, and remediation measures) has been significantly expanded. The network architecture and network O & M administrator undoubtedly began to question whether the word was abused and lost some real meanings.
It is necessary to ensure that the inevitable "fashion" effect allows vendors to launch a network access control product that is significantly different from what was marked a year ago. Despite these concerns, I still like to provide more extensive definitions for network access control than last year. Research firm Current Analysis believes that a complete network access control solution should include the following features: host status check; isolation and remediation measures; be familiar with identity, policy-based identity identification, and resource access control; threat protection, isolation, and remedial measures after access.
What we get from this extended definition is the ability to integrate network access control more closely with IT infrastructure, thus, network access control is a truly ubiquitous access control system. This provides two independent but equally important enhancements for the current network, including network-layer identity management and a threat protection console.
In network access solutions, the benefits of familiarity with user identities are indeed obvious. Interestingly, network access solutions are common in security solutions because they are only related to security. As previously expected, network access control does not add any additional security features, but ensures that organizations fully utilize their existing security investments (for example, check whether the anti-virus software is installed, enabled, and updated ).
The positioning of the network access control system in a system management, audit and compliance solution is at least obvious. However, to fully utilize the potential of network access control as a management tool for auditing and compliance with regulations, this solution needs to link network communication with specific users and specific policies.
Existing solutions generally use an application-centric approach to do this. This fact may be accidental, not designed. According to a message announced this week, Oracle (an application-centric Identity management model) and Identity Engines (a network access control vendor familiar with Identity) cooperation will become a trend. This trend is to more quickly and completely provide a technology that is familiar with identity to network access control solutions.
To become an active security system, the network access control solution must support threat protection after inbound traffic. Currently, many network access control solutions support regular re-check of the inbound protection measures configured on the host. If a device does not comply with the rules, place it in an isolated place and repair it.
However, a more powerful function is to block network communication by using network access control implementation points, or isolate specific devices based on the threat detection results of existing networks or host-based security products. As network access control functions are integrated into network infrastructure, security vendors will do their best. These include detecting emerging threats and simplifying the network by eliminating security devices in dedicated lines.
We will see that we are still far from the network access solution with this wide range of features. However, our first step must be in favor of moving in this direction. Market demand will be developed around a wider range of solutions, so you will see vendors that are cooperating and acquiring and the technologies they provide these solutions.