Network Admission Control Research Paper

Introduction to Network

A network can be termed as a collection of two or more computers that are connected; computers are connected so that they can easily communicate with each other. This communication includes sharing of resources, sharing of files and documents; it also includes every other kind of electronic communication.

Computers can be linked up with each other by using any kind of architecture. The basic idea of networking is to share information, no matter how complex the network is designed. Basically, for developing and establishing a network, four elements are required. These include Protocol, Network Interface Card, Cable and Hub.

The protocol is a set of rules which are used to make the communication of all the computers identical so that all the computers can understand each other’s language.

Network Interface Cards are required for making the connection of different computers with the network – it also allows them to exchange information. The medium is required to connect all the computers can be a cable, infrared and any other medium.

Hardware is required for controlling the traffic over a network. Normally, a hub is used to connect the computers.

There can be many different types of networks. The networks are categorized based on many factors. The factors over which the networks can be categorized include the size of a network, the complexity of a network, a distance of a network, security of a network, access of a network and how the computers are connected to each other. The network can be arranged peer to peer i.e., without having any dedicated server, or the network can be a client-server network. [Jelen 2003]

Network Security

No matter what kind of a network is established, how much complicated it is, and how many computers it contains, the main elements that should be present in every kind of network is the network security. Network security can be defined as any step that is taken by companies and organizations for the protection of their networks and systems. It is good to provide more security to a network. The amount of a security is decided by companies and organizations on their own – through experts. Network security is among one of the most discussed topics. All organizations and businesses are primarily concerned with the security of their networks as if the security is weak then any kind of harm can occur to a company on its secret information which could result in a big loss. A network security is not a very simple topic rather it is a very complex issue and must be handled with great efficiency. Many different activities are performed for providing a security and protection to the assets and valuable information of organizations that are going to implement network security. Nowadays, a proper and strong network security is provided by using many different techniques and devices. Few of these techniques and tools may include: antivirus software, firewalls, Intrusion Detection Systems, Virtual Private Networks, identity services, encryption and security management. For providing a high level of security, most of the time, all these tools and techniques are implemented together using layers that make it difficult to access the network easily. Today, network attacks are very common and information theft takes place to harm organizations; thus, the importance of implementing strong network security cannot be denied and should be deployed in all companies and organizations that possess their own networks. Data or information has got threats from many different kinds of network problems like viruses, vandals, attacks, data interception and hacking and so on. So security measures should be taken for preventing the assets of an organization. [What is network security n.d].

What is Network Admission Control?

Network Admission Control or NAC can be defined as a collection of rules, techniques, technologies and solutions that are adapted by the network infrastructure for applying and ensuring the security measures over all the devices that are trying to access any particular network. Today, Network Admission Control (NAC) is being used as popular network security. Access to a network with the help of standards which are created by a security team, this method is known as NAC. It can be used in all types of devices such as desktops, PDAs, etc. The firewall helps restrict access; NAC on the other hand does not restrict this access, but rather incorporates intelligence that is required for the network access. Nowadays, we can find many solutions from which we can choose. There are several reasons why the NAC should be recommended? It can be a simple control access policy or might be a choice of the virtual LANs. Also, it can be very complex such as, firewall settings that only allow a specified network to access it. [Davis 2007]

Components of NAC

The system of Network Admission Control is made up of a few components. All of these components are involved in the system because of some specific purposes. All these components have their own importance and are necessary for performing the operations properly. The following is the overview of the important components of NAC:

• Cisco Trust Agent

Cisco Trust Agent is software that is located on a system at the endpoint. This tool is used to collect information regarding the security state of the device from the security software solutions. This software may include antivirus and Cisco Security Agent Clients. This information is then transferred to the network access device. These trust agents have been licensed by the successful security software development company, CISCO. These Cisco Trust Agents are combined with the Security Agents licensed by the CISCO in order to give information about the security of the endpoint.

• Network Access Devices

These are the devices that put into effect all the policies, techniques and rules that are related to the control over admission. These network access devices include firewalls, switches, security appliances, routers and other wireless access points. These devices are used for demanding security. Also, these devices are used for providing the information to the servers where the NAC decisions are carried out. According to the specifications, provided by a customer the suitable NAC is applied like, deny, move, quarantine, ignore, restrict or permit.

• Policy Server

The policy servers are used to analyze and observe the security information that has been provided by the Network Access Devices. The policy servers are responsible for making decisions that what kind of access policy is suitable for the device to be applied.

• Management System

The management systems are aimed at providing the capabilities of monitoring and reporting. Different provisions are also provided to the devices by this management system.

• Advanced Services

The NAC also provides many different advanced services, these services may include:

1. Network Readiness Assessment: This service allows evaluating the network and the infrastructure of the network to find out the speed of the network.
2. Design Development: This service is used to specify the design of NAC so that it can be used within the networks of the organizations.
3. Implementation Engineering: The service of installation engineering allows configuring, testing, installing, and tuning the NAC elements and components.
4. Optimization Engineering: The service for optimization engineering allows to provide periodic changes for improving the reliability, effectiveness and efficiency of the system.

Hence, NAC can be termed as a good solution as it provides many services and facilities through its components that if deployed separately, can charge a lot. The NAC solutions can definitely save time, money, effort and many resources. [Network Admission Control n.d].

Benefits of NAC

There are several benefits of NAC. By the implementation of the NAC, the security of a network can be improved. It requires that the hosts must use the latest antivirus available for their systems. They also must use their system patch policies before they can acquire network access. All this enables the network to protect the system from viruses and worms. As the devices can only be accessed by the network, this enables the NAC to use a network for its advantage by inspection and implementation of security policies for the host to help the user’s system. With different services of a network such as fragmentation of a network via Access Control Lists (ACLs) or VLANs, the uncooperative hosts are denied access to the network to protect a system to become targets of virus infections. Another benefit of the NAC is extension of the network which already exists and also increases the investment of the security, which includes the infrastructure of the network and the security technology of the host. If the information about the security level of the endpoint is available and the information is combined with the network admission policies then the NAC for sure allows the customers over the network to enhance the security of their computing communications. The NAC definitely provides the complete control over access to the network and no unwanted devices can enter into the system. The NAC has got a complete control over all the provided access methods. Also, it makes sure that all the end-users are following the network security policy. [Network Admission Control n.d].

The NAC provides many different benefits. This is the one of the reasons why most businesses and companies prefer to deploy NAC solutions. The NAC solutions are being deployed in almost every kind of organization whether it is on a large scale or small scale. The NAC provides a very strong and secure infrastructure to businesses; therefore, it is the top choice of every business. Corporations and businesses have very important and sensitive information that should not be leaked out, and for this, they want strong security policies and checks. By eliminating the risk of attacks, the productivity of employees is also ensured. For these and many other benefits, the NAC is known as the best choice for providing strong security to companies and organizations. [Neuwirth 2007]

How NAC can be used for providing Security

There are many security-based reasons for which the NAC can be a better solution. These reasons provide solutions for improving the security of a network. The NAC does not only provide a security, but also provides efficiency to the company in which it is being used. It is better to say that by using the NAC solutions, the efficiency of the company is improved more than the security. The following are the few reasons that are responsible for providing the security:

• Force Compliance

A lot of time is being spent by the network administrators and the Windows administrators to find out that how the end user’s device can be forced into falling in line with the available antivirus updates – the firewall settings and Windows patches. The installation of antivirus software is vital to ensure network security. But on the other hand, only installing antivirus software is not enough, it is also necessary that different ways should be used in order to make the antivirus software up to date.

The antivirus programs should also be able to perform the virus scans – all the latest patches should be applied. All these efforts are performed by companies that are having the networks for ensuring network security. None of these processes were automatic and all the efforts would have been made manually – all these efforts were used just for improving the security. Things had to be done manually, like, the network administrator had to start a virus definition update and the other such processes and the rest depends on the end-users. If they do not want to update the application they can cancel it. The NAC is known as the solution for this problem as it enables and ensures the compliance with antivirus updates and all other such activities. [Davis 2007]

• Quarantine

Apart from providing the force compliance over the network, it is also necessary that the network should be able to detect and quarantine any device that is considered to be unpleasant for the network. If the network is not able to detect the unwanted devices that can create problems then any worm or virus can crawl into your system and can cause damages. In this case, the NAC provides a very important solution which is the ability to quarantine any device. All this activity is performed from the center point of the network – this act prevents the spread of a virus or worm throughout the network. Centralization can also be availed in the networks that do not contain any NAC solution, but on the other hand, centralization is not the only thing required for making the network efficient. Network administrators and the network teams will never be able to handle worms and viruses effectively by using the traditional manual methods. The NAC solution is not only able to detect and quarantine the unwanted devices; it can also update the virus definition. Also before allowing any device to enter into the network; NAC will check the device for security purposes. If such security is applied then the viruses and worms cannot penetrate your network easily. If the NAC solution is designed and applied properly then none of the worms and viruses will be able to penetrate into a system, and only the access of the network will be to the devices and information that are needed. [Davis 2007]

• Provides Access to the Guests

Some many companies and businesses want to provide access to guests and vendors, but with full network security. Most of the companies are still trying hard but are unable to get any solution to this problem. This is comparatively a big issue for the companies that are using wireless networks. Many solutions have been found for this problem. A few of these solutions include deployment of loaner computers, deployment of VLANs for providing the guests with isolated access, presentations that are totally based over the web so that can be used from anywhere and so on. On the other hand, if the NAC is deployed then there is no issue of providing the guests what they want rather the guests simply have to be compliant with the network. Now, all this procedure is automatic, previously it was done manually. The manual procedures were not simple and sometimes it required hours for allowing any device to get access to the network. In a manual process, although security was being provided to the network, this was the security for more obvious risks – the less obvious risks were ignored. The NAC provided a solution by making a guest device compliant with the network so that all kinds of risks are dealt with it. [Davis 2007]

• Risk Avoidance

It is obviously always good to avoid risks as much as possible because this effort can make a system very secure and reliable. Apart from worms and viruses, still many risks are associated with daily tasks. It is better to connect all the security policies, like, antivirus, firewalls and so on to the NAC. [Davis 2007]

Why use NAC?

Normal network security systems provide solutions for checking and developing a log of the people who are accessing the network. A traditional network security system also provides the list of functions that the users can perform. Traditional network security does not perform any activity for making sure that the end-users are deploying all the network security policies and performing according to the rules specified by the network policy. In traditional network security systems, it has been noticed many times that some of the endpoints never seem to act according to the security policy that has been defined for making the network secure. This shows that a network security policy is there, but it is not as efficient as it should be to provide complete security. Because the security policy is not being followed properly in these networks, so for this reason, viruses, worms and other threats can attack a system. This can be said as a deficiency of the traditional security systems. The Network Admission Control is designed to deal with this issue. It monitors the endpoints and checks out that whether these endpoints are following the security policy or not. The NAC also provides many different services in a single system which also reduces the cost of implementing every service separately. The NAC gives a lot of attention in making sure that the devices should follow the security rules so that no virus, worm or other threats can enter into the system and do any damages. The NAC also makes every user compliant with the network who is trying to access the network. Hence, in short, it can be concluded that the NAC is a very strong network security solution and all organizations should deploy the NAC in their networks so that their information and resources can be protected. [Network Admission Control n.d]

Functions of NAC

The NAC is a complete network security solution. It can perform many different functions at a time. All the functions have their own responsibility and benefits, few of the most important functions that are performed by the NAC are listed below:

• The major function of the NAC is to provide a security policy.
• The NAC is also responsible for defining the security policy for all the endpoints and other devices that exist in the network.
• The policy rules and regulations are also configured by the NAC.
• It makes sure that the devices and endpoints are following the policy that has been defined for security.
• It can identify the suspected traffic and can block such traffics.
• It is also responsible for generating alerts, reports and logs of the threats that have been found.
• It also builds the compliance information on a regular basis which consists of all the information – to know which devices are following the security policy rules and which are not.
• It can also allow the users to be compliant with the network.
• The NAC is able to monitor and check the compliance of end-user before making it a part of the network.
• The NAC also provides the ability to restrict quarantine, deny, ignore or permit any suspected or unsuspected traffic.
• To is also used to detect the threats whether new or old that are entering the system

These are a few of the responsibilities of the NAC; although there are many more responsibilities that make the system secure. [Network Admission Control 2007]

Types of Security Checks provided by NAC

The NAC continuously and regularly monitors and checks its devices for making sure that the devices are following the security policy rules and are compliant with the network. The NAC devices and services are different from one another. Different facilities are provided by different vendors and companies to buy the system that is providing the facilities of their use. The following checks are normally made by the NAC systems for ensuring the security throughout the network.

• It checks for the versions and service packs.
• It applies patches for browsers and operating systems.
• It also checks for the settings of the browser and configuration of the operating system and makes sure that all the settings and configurations are the same.
• The versions, configurations and settings of all the firewalls that are installed over the endpoints should be the same.
• All the signature files for the antivirus software should be updated and identical.
• The log of the users should be created and updated regularly.
• All the new users or guests should be checked for compliance.
• The list of the viruses and threats should also be updated and provided to every antivirus software.
• The NAC also checks and locates the MAC and IP addresses for every device.

All these checks are performed by the NAC over every device that exists in the system as these checks are essential for providing high-level security. [Network Admission Control 2007]

Conclusion

This paper provides a detailed study about the Network Admission Control (NAC). The NAC can be described as a solution for network security. The trend of attacking a system has been increased to a great extent and organizations must equip their networks with the best security solution. The NAC is the right choice in today’s world of innovation and development. It would not be the right choice to deploy old and traditional methods of security and prevention. Old traditional methods used antivirus software, firewalls, switches and routers and so on; although, all these methods were suitable for defining the security rules and policies for the endpoint devices. These methods were also suitable for monitoring the traffic over the network and for detecting the threats over there. There were still some deficiencies in traditional security methods. The biggest deficiency was that these devices never monitored the devices that whether the devices that are present over the network are following the policies and rules which are defined for the security purpose. The NAC came forward with the solution to this problem as it provides many different checks for making sure that the security policies should be followed. The NAC provides many different services in a single package to reduce the cost. The benefits that are provided by using the NAC solutions are unlimited; companies can use the NAC solutions without any doubt for providing strong security to their sensitive information. In the NAC solutions, guest access is also provided -the best feature is that the guest device is also checked for compliance -a great feature for providing security that is not available in any other security-providing methods. The NAC also makes sure that all antivirus software is updated with the latest viruses and threats that have been detected. The NAC is no doubt the best solution for network security in the world. It is highly recommended that all companies and organizations which are interested in providing high-level security should deploy the NAC solutions in their networks. [Greene 2009]

References

1. David Davis, SolutionBase: Learn how NAC improves network security (2007) .
2. Network Admission Control (no date)
3. Network Admission Control (2007)
4. Tim Greene, NAC used for something other than what it was designed for (2009)
5. Tom Jelen, Networks 101: What is a network? (2003) Web.
6. What is network security? (No date)