1. Stop and identify the business drivers first.
When you peel back the layers, the first driver is usually about unmanaged or guest users, such as consultants, contractors, partners, and even customers, said Forrester's Whiteley. If this is your only concern, you can get away with a turnkey box that provides a hotel experience. However, if you try to send every single wired user through that box, it will be costly. You'd be better off with something that integrates with your existing networking architecture.
2. Make sure the solution identifies both users and devices.
It's critical to know who and what you're talking to. I'm not going to give a guest the same access as an employee, and I'm going to run more checks on a laptop that has left the office than a stationary PC, said Cisco's O'Connell.
3. Does the solution enable comprehensive health checks?
NAC promises to deliver an enterprise-wide architecture for compliance, saying that, perhaps, you need a Windows patch or an anti-spyware program running. It's an ongoing access control system that checks a user's compliance with policy, Whiteley said.
4. Are there posture assessment and enforcement mechanisms?
I know who I'm talking to. Now what do I give them? Based on policy, a human resources person shouldn't have access to an engineering domain, said O'Connell.
5. Decide what your organization will do about quarantine and remediation.
This is where the real value is, but it's the hardest part to do. Once you violate a policy, can I fix you so you are compliant, or are you on your own? Whiteley asked.
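Steps 2 through 5 describe one admission flow: identify the user and device, run health checks, enforce by role, and quarantine with a remediation list when a check fails. The following Python is an added example (not code from the article or any vendor quoted in it) that models that flow; the roles, domains, posture checks and remediation strings are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class Endpoint:
    user: str
    role: str                # "employee" or "guest"
    department: str          # e.g. "hr", "engineering"
    managed: bool            # corporate-managed device?
    left_office: bool        # laptop that has roamed off-site
    windows_patched: bool
    antispyware_running: bool


# Assumed policy tables, constructed for this example.
ROLE_DOMAINS = {"hr": {"hr-domain"}, "engineering": {"engineering-domain"}}
REMEDIATION = {"windows_patch": "install missing Windows patch",
               "antispyware": "start anti-spyware agent"}


def posture_failures(ep: Endpoint) -> list:
    """Health checks (step 3); a laptop that left the office gets an extra check."""
    failures = []
    if not ep.windows_patched:
        failures.append("windows_patch")
    if ep.left_office and not ep.antispyware_running:
        failures.append("antispyware")
    return failures


def admission_decision(ep: Endpoint) -> dict:
    """Return access level, reachable domains and remediation steps for one endpoint."""
    # Step 2: who and what is connecting. Guests and unmanaged devices never get
    # employee access, whatever their posture.
    if ep.role == "guest" or not ep.managed:
        return {"access": "guest", "domains": set(), "remediation": []}
    # Steps 3 and 5: failed checks mean quarantine plus a concrete fix list,
    # rather than silently dropping the user.
    failures = posture_failures(ep)
    if failures:
        return {"access": "quarantine", "domains": set(),
                "remediation": [REMEDIATION[f] for f in failures]}
    # Step 4: enforce by role; an HR user is never handed the engineering domain.
    return {"access": "allow",
            "domains": set(ROLE_DOMAINS.get(ep.department, set())),
            "remediation": []}


if __name__ == "__main__":
    print(admission_decision(Endpoint("alice", "employee", "hr", True, False, True, True)))
```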
6. Determine the appropriate architecture, be it software, hardware, or one based on current vendor relationships.
Architecture affects function. What's the best one? It depends on your goal. If you want to monitor users, it implies that you can see traffic, meaning the device must be inline. You may have agents on endpoints, but you need something centralized in the network, said McLean of ConSentry.
7. Look ahead to centralized policy management.
The problem is that there is no central policy standard. The vendors aren't playing well together, so there are many separate islands of policy, ranging from Cisco to Microsoft to those of patch or anti-virus vendors, Whiteley said.