Protecting Your Network Begins With Controlling the Devices that Connect to It
How many devices connect to your network? You probably have an inventory of your servers and desktop computers; maybe you even track departmental printers and scanners. These known devices, though, are likely just a fraction of the devices that make connections. The connections made by Bring Your Own Device (BYOD) mobile devices are equally important from a network security perspective, but largely outside enterprise control. That’s why a first step in securing your network is to establish control over the devices that connect to it.
Enable and Block Devices With Endpoint Security
Network access control (NAC) products provide endpoint security, preventing devices from connecting to your network unless they are known and authorized. NACs grant access based on policies that define the types of devices allowed and any additional requirements, such as specific versions of operating systems or antivirus software required.
Some NACs require an agent to be installed on the connecting devices, in order to provide the detailed information necessary to apply policies. Other NACs use an agentless approach, which can be more flexible as devices don’t need to have software installed before they connect; some devices that need network connections, such as routers, aren’t able to run agent software. Agentless NAC relies on either Active Directory or other tools to evaluate the device and determine whether to grant access.
The capabilities of NACs go beyond simply granting access to the network; in fact, the access granted can be limited based on the role of the device or user. The NAC can use Active Directory to automate the process of granular control of user access.
Integrate Security Solutions for Overall Protection
While managing the devices that connect to your network is an important component of network security, it is only a partial solution. The most effective use of NACs is as part of an integrated security framework that includes firewalls, intrusion prevention/protection systems, and security information and event management software.
Although NAC can control network access, by itself that isn’t enough for securing your network from mobile devices. Mobile device management or enterprise mobility management solutions are also needed. Those products manage the mobile device’s application usage, encryption, and other device-specific security controls such as passwords.
Security for your computer systems requires a mix of products that work together to provide comprehensive protection from your endpoints to your backend servers and all through your network. Contact us for a free infrastructure assessment to identify your vulnerabilities and begin designing a strategy to protect your business. Prescient Solutions offers security services that will help you select the tools you need. We also offer mobile device management services to help you define user profiles and ensure that BYOD workers have access to all the systems they need to perform their jobs remotely without endangering your business.