Network Access Control 101 Securing the Critical Edge of Your Network.

16
Network Access Control 101 Securing the Critical Edge of Your Network

TAGS:

Transcript of Network Access Control 101 Securing the Critical Edge of Your Network.

Page 1: Network Access Control 101 Securing the Critical Edge of Your Network.

Network Access Control 101Securing the Critical Edge of Your Network

Page 2: Network Access Control 101 Securing the Critical Edge of Your Network.

Notice your network changing?

• # of devices on your network growing?

• % of devices are corporate issued?

• # of devices / user?

• % of devices that are mobile?

• # of guests and/or contractors?

Page 3: Network Access Control 101 Securing the Critical Edge of Your Network.

Your Network is Changing

YOURBUSINESS

USERSSUPPLIERS

PARENTCOMPANY

GUESTS

PARTNERSCONSULTANTS

BYOD

INTERNETOF THINGS

Page 4: Network Access Control 101 Securing the Critical Edge of Your Network.

Endpoints are Easy Targets for Hackers

Page 5: Network Access Control 101 Securing the Critical Edge of Your Network.

Greater Attack Surface = Greater Risk

100% Managed100% Context

Corporate

Less ManagedLess Context

BYOD

4 x Attack Surface

Even Less ManagedEven Less Context

InternetOf Things

Drop in% Managed

Endpoints

ExposureRisk

Page 6: Network Access Control 101 Securing the Critical Edge of Your Network.

LEVERAGE INDICATORS OF TRUST/RISK

Bradford Networks

LIVE INVENTORY OF NETWORK CONNECTIONS

APPLIANCE / VIRTUAL / CLOUD DELIVERY

ANALYTICS / PLANNING / FORENSICS

REAL-TIME ENFORCEMENT

NETWORK ACCESS POLICIES

Page 7: Network Access Control 101 Securing the Critical Edge of Your Network.

NAC 101:Live Inventory of Network Connections

CONNECTTIMES

….

SITE 2

SITE N

SITE 1

OS/APPS

CONNECTPOINT

VPN

DEVICETYPE

USER & GROUP

Page 8: Network Access Control 101 Securing the Critical Edge of Your Network.

NAC 101:Flexible Network Access Policies

DEVICETYPES

NETWORK ACCESSTO INFORMATION

FINANCIALASSETS

CREDITCARDS

CRITICALINFRASTRUCTURE

HEALTHCARERECORDS

LEGALINFORMATION

INTELLECTUALPROPERTY

STUDENTINFORMATION

USERS &GROUPS

CONNECTPOINT

VPN

OS/APPS

CONNECTTIME

Page 9: Network Access Control 101 Securing the Critical Edge of Your Network.

NAC 101: Dynamic Network Provisioning

HEALTHCARERECORDS

ONBOARDINGPORTAL

GUESTACCESS

NOACCESS

WHO WHAT WHERE WHENINDICATOR OFTRUST

Page 10: Network Access Control 101 Securing the Critical Edge of Your Network.

NAC 101:Endpoint Compliance

IdentifyUser

AssignNetwork Access

AssessRisk

IdentifyDevice

NoAccess

GuestAccess

RestrictedAccess

UnrestrictedAccess

Page 11: Network Access Control 101 Securing the Critical Edge of Your Network.

NAC 101:Extensible Policy Engine

RISK?RESTRICT NETWORK ACCESS

TRUST?GRANT NETWORK ACCESS

Page 12: Network Access Control 101 Securing the Critical Edge of Your Network.

INDICATORS OF

TRUST

NAC 101:Leveraging Indicators of Trust/Risk

INDICATORS OF

RISK

Page 13: Network Access Control 101 Securing the Critical Edge of Your Network.

NAC 101:Self-Service Registration

Page 14: Network Access Control 101 Securing the Critical Edge of Your Network.

NAC 101Historical Inventory of Network Connections

NETWORK & DEVICEINVENTORY

REPORTDISTRIBUTION

DEVICE TRENDREPORTS NETWORK &

ENDPOINT RISK

“BLACK BOX” OFNETWORK CONNECTIONS

Page 15: Network Access Control 101 Securing the Critical Edge of Your Network.

NAC 101: Secure the Critical Edge of Your Network

CxO

• Embrace BYOD

• Balance Risk/Cost

• Maintain Compliance

Users

• Access They Need

• Flexibility They Want

• Privacy They Deserve

IT Management

• Safe Devices/Apps

• Trusted Users

• Safe Access

Page 16: Network Access Control 101 Securing the Critical Edge of Your Network.

Taking Action …

Questions/Request Slides

NAC/BYOD Whitepaper

NAC Checklist


2009 SRS 03 Securing Network Devices

2009 SRS 03 Securing Network Devices

Securing Underwater Wireless Communication Network

Securing Underwater Wireless Communication Network

Securing Network – Wireless – and Connected Infrastructures

Securing Network – Wireless – and Connected Infrastructures

Securing The Network Edge - Delli.dell.com/.../data-sheets/en/Documents/Securing-The-Network-Edge.… · client’s DHCP packet with the option 82 TLV, which describes the client’s

Securing The Network Edge - Delli.dell.com/.../data-sheets/en/Documents/Securing-The-Network-Edge.… · client’s DHCP packet with the option 82 TLV, which describes the client’s

Securing Network Connected Applications with Proposed ...

Securing Network Connected Applications with Proposed ...

Securing Your Small Business Network

Securing Your Small Business Network

Securing Optical Network Data - STAR TAP · Securing Optical Network Data IGrid 2005 Carter Bullard September 26-29, 2005

Securing Optical Network Data - STAR TAP · Securing Optical Network Data IGrid 2005 Carter Bullard September 26-29, 2005

Network Edge Services

Network Edge Services

Securing the Intelligent Network...WHITE PAPER Securing the Intelligent Network Securing the Intelligent Network Figure 1. Security in the network WAN Content Security WAN Optimization

Securing the Intelligent Network...WHITE PAPER Securing the Intelligent Network Securing the Intelligent Network Figure 1. Security in the network WAN Content Security WAN Optimization

Securing wireless network

Securing wireless network

Chapter 12 Securing A Network

Chapter 12 Securing A Network

SECURING THE EXPERIENCE EDGE · Visibility, Detection and Control Aruba 360 Secure Fabric Experience Edge Architecture Aruba Secure Infrastructure ... NETWORK CAMERA DEEP PACKET INSPECTION

SECURING THE EXPERIENCE EDGE · Visibility, Detection and Control Aruba 360 Secure Fabric Experience Edge Architecture Aruba Secure Infrastructure ... NETWORK CAMERA DEEP PACKET INSPECTION

Chapter 5: Securing the Network Infrastructure

Chapter 5: Securing the Network Infrastructure

Securing the shared network

Securing the shared network

Chapter Secure Network 3 Architecture and Securing Network Components€¦ ·  · 2012-08-28Chapter 3 Secure Network Architecture and Securing Network Components THE CISSP EXAM TOPICS

Chapter Secure Network 3 Architecture and Securing Network Components€¦ ·  · 2012-08-28Chapter 3 Secure Network Architecture and Securing Network Components THE CISSP EXAM TOPICS

06- Securing the Local Area Network

06- Securing the Local Area Network

Securing Your Network

Securing Your Network

Securing Wireless Network Topology and Routing - · PDF fileSECURING WIRELESS NETWORK TOPOLOGY AND ROUTING ... SECURING WIRELESS NETWORK TOPOLOGY AND ROUTING ... 4.2.3 Underwater

Securing Wireless Network Topology and Routing - · PDF fileSECURING WIRELESS NETWORK TOPOLOGY AND ROUTING ... SECURING WIRELESS NETWORK TOPOLOGY AND ROUTING ... 4.2.3 Underwater

Securing Personal Devices on Your Network

Securing Personal Devices on Your Network

Securing a Wireless Network

Securing a Wireless Network