Filter
Top Products
474 Building a Network Access Control Solution with IBM Tivoli and Cisco Systems
Some of the security policy compliance checks that NAC can perform include:
Determining whether the device is running an authorized version of an
operating system.
Checking to see if the OS has been properly patched or has received the
latest hotfix.
Determining whether the device has antivirus software installed, and whether
it has the latest set of signature files.
Ensuring that antivirus technology is enabled and has been run recently.
Determining whether personal firewall, intrusion prevention, or other desktop
security software is installed and properly configured.
Checking whether a corporate image of a device has been modified or
tampered with.
Answers to these and similar security profile questions are then used to make
intelligent, policy-based decisions regarding network admission.
Some of the benefits of implementing a NAC solution include:
1. Dramatically improved security of any network, regardless of size or
complexity, by helping to ensure that all user network devices conform to
security policy. By proactively protecting against worms, viruses, spyware,
and malware, organizations are able to focus operations on prevention, rather
than on reaction.
2. Extended value of existing investments in the Cisco network, as well as in
antivirus, security, and management software, through broad adoption and
integration by leading manufacturers.
3. Increased enterprise resilience and scalability by providing a means to
inspect and control all devices that connect to the network, regardless of their
access methods (routers, switches, wireless, VPN, dialup, for example).
4. Preventing noncompliant and unmanaged endpoint devices from affecting
network availability or user productivity.
5. Reduced operating expenses related to identifying and repairing
noncompliant, unmanaged, and infected systems.
NAC implementation options
Cisco offers both appliance-based and architecture-based framework
approaches to NAC that meet the functional and operational needs of any
organization, whether they have a simple security policy requirement or require