Network Access Control Technology—Proposition to Contain New Security Challenges ()
Abstract
Traditional products working independently are no longer sufficient, since threats are continually gaining in complexity, diversity and performance; In order to proactively block such threats we need more integrated information security solution. To achieve this objective, we will analyze a real-world security platform, and focus on some key components Like, NAC, Firewall, and IPS/IDS then study their interaction in the perspective to propose a new security posture that coordinate and share security information between different network security components, using a central policy server that will be the NAC server or the PDP (the Policy Decision Point), playing an orchestration role as a central point of control. Finally we will conclude with potential research paths that will impact NAC technology evolution.
Share and Cite:
A. Lakbabi, G. Orhanou and S. El Hajji, "Network Access Control Technology—Proposition to Contain New Security Challenges,"
International Journal of Communications, Network and System Sciences, Vol. 5 No. 8, 2012, pp. 505-512. doi:
10.4236/ijcns.2012.58061.
Conflicts of Interest
The authors declare no conflicts of interest.
References
[1]
|
2011 Cybersecurtiy Watch Survey.
http://www.idgenterprise.com/5/post/2011 /01/2011-cybersecurity-watch-survey-organizations-need-more-skilled-c yberprofessionals-to-stay-secure.html
|
[2]
|
Gartner, Information Technology Research and Advisory.
www.gartner.com
|
[3]
|
“Cisco NAC Appliance Enforcing Host Security with Clean Access Jamey Heary,” CCIE? No. 7680, 2007.
|
[4]
|
Juniper Unified Access Control.
http://www.juniper.net/us/en/products-services/security/uac/#overview
|
[5]
|
Trusted Network Connect.
http://www.trustedcomputinggroup.org/developers/trusted_network_connect
|
[6]
|
Cisco NAC OOB Deployment.
http://www.cisco.com/en/US/products/ps6128/ products_configuration_example09186a0080a138cc.shtml
|
[7]
|
Firewall policy rules using Fully Qualified Domain Name.
http://www.cisco.com/en/US/docs/security/ security_management/cisco_security_manager/security_ manager/4.2/us er/ guide/fwident.pdf
|
[8]
|
http://www.packetfence.org/
|
[9]
|
http://www.snort.org/
|
[10]
|
http://www.nessus.org
|