"It
is impossible for ideas to compete in the marketplace if no forum for
their presentation is provided or available."
Thomas Mann, 1896
A Business Forum Round Table Luncheon
The Los Angeles Marriott Hotel
in Los Angeles, California
Network Access Control
With Experts provided
by: Mirage
Networks, Inc.
Those accepting our invitation to attend included:
President - E-Novative, Inc. * Chief of Information Technologies - Southern California Association of Governments Quality Assurance Manager - BT Infonet Corporation * Information Systems Security Officer - County of Los Angeles-LAC+USC Healthcare * Information System Security Analyst - County of Los Angeles-LAC+USC * Partner Tatum Partners * Security Analyst - Walt Disney Company * Director of Information Technology - Fashion Institute of Design & Merchandising * Technical Support Manager - Fashion Institute of Design & Merchandising * Security Consulting Engineer � BT Infonet Services Corporation * Systems Analyst � Los Angeles Department of Water & Power * Director, Government Security - The Aerospace Corporation * Professor of Information Systems California State University, Los Angeles * Director of Information Technology - Singer, Lewak, Greenbaum & Goldstein, LLP * Software Project Director - Sempra Energy Corporation * Network Manager � Los Angeles County - Department of Health Services * President - The Vantage Group, LLC
For the
benefit of those of our members and supporters who could not
attend the meeting we present the following white papers, with contacts
Understanding Network Access Control
Contributed by: Mirage Networks, Inc.
Today’s technology environment is defined by mobility. It’s a productivity enhancement few organizations can be without - but the gain in productivity is causing an explosion of network security concerns. Consider the dramatic increase in the number and capabilities of mobile devices: according to Gartner, the dominant trend in computer buying has shifted to notebooks, which now make up 29% of computers sold in the US and 31% of those sold worldwide. And not only are laptops becoming the computer of choice for many corporate employees, more and more IP-enabled devices are coming into the mix - PDAs, mobile phones, and gaming systems, to name a few, each bringing new security vulnerabilities onto the network. Further enhancing productivity - and jeopardizing network security - is the ubiquity of access. Whether at home, in a hotel, at a Starbucks, or even on a park bench, users require and expect access to corporate networks at a data rate that enables full productivity. The widespread adoption of broadband and wireless networking has made mobile computing the standard, not the exception.
This has created great challenges for IT and security professionals. Controlling the devices accessing the network has become increasingly problematic as these devices move in and out of protected corporate networks, and as the line between office and personal computer blurs or even disappears. And now, it’s easier than ever for unmanaged IP devices to make their way into corporate networks.
Pre-Admission Network Access Control
Contributed by: Mirage Networks, Inc.
As you may recall from Part 1, the three main NAC standards (Cisco NAC, Microsoft NAP, TCG TNC) concern themselves with pre-admission (a.k.a. on-entry) NAC. Pre-admission checks are critical, but assuming that clean devices cannot become infected or hacked once ON the network could well be considered myopic. Post admission infection is addressed later in this document.
For a NAC solution to be effective, it must deliver two essential pre-admission capabilities. First, it must be able to identify a new device connecting to the network. Second, it must be able to test the endpoint for adherence to security policy and restrict access for those devices that do not meet defined entry criteria. Together, these capabilities should provide data that can be used to compare a device’s current security state against established security policy criteria, to determine how much or how little access that device is allowed.
Search Our Site
Search the ENTIRE Business
Forum site. Search includes the Business
Forum Library, The Business Forum Journal and the Calendar Pages.
Disclaimer
The Business Forum, its Officers, partners, and all other
parties with which it deals, or is associated with, accept
absolutely no responsibility whatsoever, nor any liability,
for what is published on this web site. Please refer to:
Home
Calendar The Business Forum Journal
Features
Concept
History
Library
Formats
Guest Testimonials
Client Testimonials
Experts Search
News Wire Join
Why Sponsor
Tell-A-Friend
Contact The Business Forum
The Business Forum
9297 Burton Way, Suite 100
Beverly Hills, CA 90210
Tel: 310-550-1984 Fax: 310-550-6121
[email protected]
webmaster: bruceclay.com