Identity Services

Secure a Network with Advanced Network Access Control (NAC)

Network Access Control is the process for managing and securing access to wired and wireless networks. NAC systems use policies that can be based on location, users and groups, roles, device type and other criteria to ensure that endpoints connecting to the network are authenticated, identified, authorized, and given the correct level of access.

Wired and wireless network endpoints are authenticated with the 802.1X protocol. 802.1X is an increasingly required security control in modern networks. Wired and wireless 802.1X essentially put a digital lock on the front door of a network. Guests, employees or attackers need to be prevented from connecting unauthorized computers and other devices to the network. An unauthorized device can be a source of malicious software or traffic on the network, leading to a serious security incident.

Cisco ISE 802.1X Foundation Deployment

A phased approach to implementing wired and wireless 802.1X with Cisco Identity Services Engine (ISE) across the network, starting with a manageable deployment size for minimal user disruption. 802.1X and NAC ensure only authorized users and devices gain network access, protecting against security threats from unauthorized users and attackers. Cisco ISE is highly configurable and adaptable to today’s emerging threats and is trusted in enterprises worldwide. Cisco-centric environments will see high levels of integration with their existing investments.

Aruba ClearPass 802.1X Foundation Deployment

A phased approach to implementing wired and wireless 802.1X with Aruba ClearPass Policy Manager (CPM) across the network, starting with a manageable deployment size for minimal user disruption. 802.1X and NAC ensure only authorized users and devices gain network access, protecting against security threats from unauthorized users and attackers. Aruba CPM has emerged as one of the most trusted NAC solutions in the market, and it is particularly suited to mixed-vendor environments with complex security needs.

Portnox Cloud NAC 802.1X Foundation Deployment

A flexible, cloud-based approach to implementing wired and wireless 802.1X security, using Portnox’s Cloud Network Access Control solution to safeguard network access. This phased deployment ensures that only trusted users and devices can access your network, starting with a manageable deployment size for minimal user disruption. Portnox has emerged as one of the best-in-class cloud NAC providers and is particularly suited to organizations that want a small footprint and/or a “turnkey” solution.

BENEFITS

What Enterprise NAC Solution Is a Good Fit for Your IT Culture?

The most common enterprise NAC solutions are Cisco Identity Services Engine (ISE), Aruba ClearPass Policy Manager (CPM), and Portnox. These solutions can scale from medium enterprises all the way up to the largest enterprises in the world.

These solutions offer many different types of authentication: 802.1X, RADIUS, TACACS, Certificate Authentication, etc. These can be used to authenticate network devices and endpoints accessing wired and wireless networks, VPN users, device administrators, and many other services requiring authentication. They can be integrated with many different types of user directories (such as Microsoft Active Directory) as their primary authentication database. Microsoft Certificate Authorities are also commonly implemented for Certificate Authentication.

Wireless 802.1X has become common because wireless networks are particularly exploitable: their range often extends past the boundaries of buildings and facilities. Other authentication methods, such as pre-shared keys, have also been easy to attack. For these reasons, 802.1X adoption in wireless networks is extremely important and should be done as soon as possible.

THE BOTTOM LINE

Adopting both wired and wireless 802.1X as soon as possible is strongly recommended

Historically, wired 802.1X has been harder to adopt than wireless 802.1X. This is due to its complexity and differences between switch vendors, as well as the greater impact of an outage compared to wireless. Today, wired 802.1X is easier and less disruptive to deploy than it was in the past. Attacks initiated from the wired network can be devastating, often exposing the entire network to the attacker. Regulatory, insurance, and compliance requirements for wired 802.1X are also common now.