NAC: Network Access Control – protect your network against unauthorized access
The battle of good against evil in your network
The majority of attacks (80% according to studies) on your network and servers originate from within. It could be devices attached or connected without authorization. Discontented or disloyal employees must also be taken into consideration. But it needn’t be deliberate – even modern mobile phones could be infected with a virus or malicious software that could find its way onto a server through the WLAN. The battle of good against evil in your network is therefore not merely fought against outside forces, but rather within your network. A firewall, usually a device connected to the router or an integrated function, is of no help here.
The battle of good against evil – how to accept the challenge
Once you’ve become aware of the dangers, countermeasures can be taken. Security profiles in your domain, antivirus and anti-malware software on your computers are a must nowadays. Unfortunately, experience has shown that software protection doesn’t always help. There’s just too many techniques and methods to hack networks and access safety-relevant company information. Genuine control and monitoring is only provided by Veri-NAC.
NAC defined in a different way
As for network access and monitoring systems, there are plenty. These applications use so-called agents, which are pieces of software on a server, PC, or switch. The NAC itself collects and receives the information, to then react in a controlled manner to imponderabilities. Each network device has to use certain procedures (ARP/ICMP) to log on to the network. The information provided is also the information required by hackers about your network. The agent is the weak point in the system; it can be outwitted. Veri-NAC works without agents. Veri-NAC reads and analyzes your network data traffic.
Veri-NAC thus receives its information over the network without you having to buy, install, and time-consumingly configure agents.
With Veri-NAC you will triumph over evil, using the weapons of a hacker.
Click link for a market overview on Network Access Control (PDF file 397kb).
VeriNAC – Fight and defend
Configure Veri-NAC by telling it how you want to fight the battle and who you want to fight. VeriNAC lists all known devices in the network. You decide what somebody can do and who can’t. If Veri-NAC discovers something new or unusual, how you want to fight the battle becomes important. Veri-NAC can keep out unauthorized devices using DoS attacks. You fight with the weapons of a hacker. To fight with the weapons of a hacker, you don’t need special switches with special functions or configurations.
Veri-NAC provides full protection even when the simplest, unmanaged switches are used. For experienced administrators, Veri-NAC can also reconfigure your Cisco, HP, or Black Box switch via SNMP. Thus any unwanted and harmful user will simply be moved to a dead VLAN. You define what constitutes a harmful user. In addition, you can specifically determine which packets will be sent, how often they will be sent, or to whom.
However, it doesn’t always make sense to fight. Prevention is better than cure. There is a reason why service packs and patches that close known security holes are available for the standard operating systems. Veri-NAC compiles reports that show you the security status of your PCs and servers, i.e., which service pack, which patch is missing and where. Do you want to continue to risk missing the latest firmware update for the access point and thus live with a security hole in your WPA2 encryption? With VeriNAC, you stay in control and on top of things. And you continue to keep your independence from vendors and protect your investments for the future.