• NAC decisions you need to make now

    Posted July 27, 2010 - 11:47 am

    One important piece of a multilevel security defense for companies of almost any size is network access control (NAC), which lets you enforce policies for end-user machines.
  • The 4 tiers of a secure B2B framework

    Posted June 23, 2010 - 12:44 pm

    Worried about how to link IT networks with business partners without getting burned? Forrester analyst Usman Sindhu offers a 4-step strategy to ensure trust.
  • Review

    Symantec NAC: Easy to install, strong on endpoint compliance

    Posted June 22, 2010 - 1:33 pm

    Symantec NAC is all about compliance: ensuring that devices on your network properly comply with the endpoint security policy you set in your Symantec Endpoint Protection console. Symantec NAC isn't about authentication or access controls beyond basic VLAN switching.
  • Review

    Cisco NAC: Strong in-line enforcement

    Posted June 22, 2010 - 1:31 pm

    While Cisco's overall NAC strategy is in flux, a NAC Appliance investment is likely to come with substantial purchase protection — just be sure to keep your SMARTnet contract up to date.
  • Review

    Network access control authentication: Are you ready for 802.1X?

    Posted June 21, 2010 - 4:25 pm

    In the NAC products we tested, authentication varies from very strong to very weak, and every point in-between. When starting down your path of evaluating NAC products, decide very early what kind of authentication mechanism you want, if any.
  • Review

    NAC access control: A multi-dimensional puzzle

    Posted June 21, 2010 - 1:51 pm

    To understand how access control is done in NAC products, you have to look along three dimensions: where access controls are enforced, how access control is communicated, and the granularity of access control.
  • Review

    Network access control vendors pass endpoint security testing

    Posted June 21, 2010 - 1:33 pm

    One of the main promises of NAC is that you can ensure that endpoint security tools are up to date and that non-compliant machines can be identified or blocked. As regulatory compliance has grown in importance, NAC vendors have reacted by building strong feature sets aimed at endpoint security and compliance. In our NAC testing, we had good, and sometimes great, results across the board when it came to endpoint security.
  • Review

    NAC: What went wrong?

    Posted May 24, 2010 - 11:33 am

    After spending four months in the lab testing the 12 leading network access control products, we’ve come to this conclusion: Five years of hype, buzzwords, white papers, product launches, standards battles and vendor shakeouts have resulted in very little in the way of clarity. Agreement on what NAC really means and the right approach to NAC remain as elusive today as in 2005, when the first NAC products burst on the scene.
  • Review

    Cisco's NAC goes off track, customers taken aback

    Posted May 24, 2010 - 10:45 am

    As the most important supplier of network infrastructure to enterprises, Cisco's NAC products are a natural point of curiosity for network managers. Unfortunately, though, Cisco's approach to NAC has been riddled with in-fighting, false starts, delayed product releases, and a good dose of chaos and confusion.
  • Review

    NAC standards wars end in truce

    Posted May 24, 2010 - 10:41 am

    The Trusted Computing Group’s Trusted Network Connect (TNC) is an industry-supported working group developing NAC architecture documents and standards. The first public documents came out of TCG’s TNC in 2005 after a year of work, and the group has continued to publish NAC standards and fill out their NAC architecture every year.
  • Cloud-based identity management gets a boost

    Posted May 19, 2010 - 11:40 am

    Giving network managers a way to provide access, single sign-on and provisioning controls in cloud-computing environments got a boost today from both Novell and a much smaller competitor, start-up Symplified.
  • Two-factor authentication through Windows Server 2008 NPS

    Posted May 10, 2010 - 11:19 am

    Increasingly, whether due to regulatory requirements or a basic recognition that static passwords just don't provide adequate security, organizations are implementing some form of strong authentication. Like all new efforts, before you start you want to be reasonably assured that you will succeed. In this tutorial we will document how to add two-factor authentication to various Microsoft remote access solutions through the Windows Server 2008 Network Policy Server. For two-factor authentication, we will be using the WiKID Strong Authentication Server - Enterprise Edition. WiKID is a dual-sourced, software-based two-factor authentication system. While the document is product specific, the process is typically the same no matter the products.
  • Cloud computing makes IT access governance messier

    Posted April 20, 2010 - 11:13 am

    IT professionals are finding it harder than ever to set up access controls for network resources and applications used by organization employees, and cloud computing is only adding to their woes, a survey of 728 IT practitioners finds.
  • Virtualization and cloud security modeled on NAC

    Posted April 12, 2010 - 9:20 pm

    Virtualization and cloud computing have disrupted the security industry to its core. We have not quite figured out how to deal with very dynamic infrastructure while most security is implemented in a mostly static ring of devices surrounding the resources they protect.
  • What Are the Most Overrated Security Technologies?

    Posted March 10, 2010 - 11:22 am

    Which security technologies are IT shops putting too much faith in? Some readers weigh in.
  • Social Networking a Tool for More Secure ID Management?

    Posted September 18, 2009 - 11:13 pm

    At Digital ID World 2009, a Facebook platform engineer says social networking sites can be used to actually improve identity and access management. Why wasn't he laughed off stage by the skeptical security crowd before him? Read on.
  • Survey: IT pros are optimistic about bigger budgets next year

    Posted July 6, 2009 - 9:05 pm

    While most IT network professionals report modest cutbacks in spending this year vs. last year, they seem optimistic that will change for the better next year, according to an early look at an ongoing study from The Info Pro consultancy.
  • NAC used for something other than what it was designed for

    Posted January 28, 2009 - 5:12 pm

    Few customers of network access control use it for what it was intended, preferring instead to deploy the security technology to keep guests and contractors away from corporate production networks, according to a new report.
  • Best Practice: Gun manufacturer arms its mobile workforce

    Posted August 13, 2008 - 8:08 pm

    This Best Practice is part of a collection of advice provided by information technology professionals on how they have solved various challenges, and addressed IT priorities within their organizations.
  • Response is as important as resolution in a network breach

    Posted June 18, 2008 - 4:28 pm

    Last week, it was announced that several congressional offices had been hacked, with the hack originating from a Chinese IP address.

Join us:






Join today!

See more content
Ask a Question