BELARC & CISCO NETWORK ADMISSION CONTROL (NAC)
Enterprises are finding an increasing need to allow partners such as off-site employees, contractors, customers, vendors and others, access to their internal networks and the data and applications that reside there. This creates a problem for network and security managers trying to secure their IT systems, and the information and applications running on these systems.
Perimeter based firewalls and IDS/IPS systems are no longer useful in preventing attacks over these connections for the following reasons:
- These connections frequently use common ports such as TCP ports 80 and 443, so that port blocking at the perimeter will not be useful.
- These connections also frequently use encryption such as SSL or IPSec. This makes it very difficult for IDS and IPS devices to inspect the packets and headers as they transit through the firewall.
New security methods and architectures must be used to secure IT assets and data in this environment. Belarc and Cisco's NAC solution is an answer to this problem.
Belarc's NAC helps to fully automate Cisco's NAC solution by automatically checking the end-point for the following:
- The latest Microsoft security hotfixes and updates.
- The Center for Internet Security (CIS) benchmarks. The CIS benchmarks are industry and government, consensus based, best-practice security configurations for computers connected to the Internet. The U.S. National Security Agency has found that configuring computers with proper security settings blocks over 90% of the existing threats. IA Newsletters "Security Benchmarks: A Gold Standard". Click here to request a copy.
To request copies of our paper, "Belarc & Cisco NAC" Click here. |
