You are previewing Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control.
O'Reilly logo
Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control

Book Description

This guide presents real-world hacking scenarios along with complete implementation guidance for the right NAP/NAC solution, so you can understand which solution makes the most sense based upon the most prevalent risks in your environment. Follow the actual steps hackers take to perform specific exploits, determine which security solutions will stop the exploits from happening, and learn all about the standard components of any NAP/NAC solution. By learning to analyze a security posture, set policies for device analysis, and communicate with the device, you'll be able to take action.

Table of Contents

  1. Copyright
  2. Dedication
  3. About the Author
  4. Credits
  5. Acknowledgments
  6. Introduction
    1. An Ethical Hacker's Perspective
    2. Misconceptions Abound
    3. The Flow of This Book
    4. What You'll Learn
    5. Questions to Ask Yourself as You Read This Book
  7. Understanding Terms and Technologies
    1. Who Is the Trusted Computing Group?
    2. Is There a Cisco NAC Alliance Program?
    3. Understanding Clientless and Client-Based NAC
    4. Pre-Admission NAC
    5. Post-Admission NAC
    6. Summary
  8. The Technical Components of NAC Solutions
    1. Analyzing the Security Posture
    2. Setting Policy for Device Analysis
    3. Communicating the Security Posture of the Device
    4. Taking Action Based on the Security Posture
    5. Remediating the Security Deficiency
    6. The Reporting Mechanism
    7. Summary
  9. What Are You Trying to Protect?
    1. LAN-Based NAC
    2. Mobile NAC
    3. Summary
  10. Understanding the Need for LAN-Based NAC/NAP
    1. The Security Reasons for LAN-Based NAC
    2. Unintentional LAN-Based Threats
    3. Real-World Example of an Unintentional Threat
    4. Intentional LAN-Based Threats
    5. Summary
  11. Understanding the Need for Mobile NAC
    1. What's the Primary Need?
    2. Why Companies Look to Mobile NAC
    3. Mobile NAC and Direct Attacks
    4. Mobile NAC and the Wireless Threat
    5. Mobile NAC and the Malware Threat
    6. Summary
  12. Understanding Cisco Clean Access
    1. Deployment Scenarios and Topologies
    2. The Technical Components of Cisco Clean Access
    3. The Purpose of Cisco Clean Access
    4. Summary
  13. Understanding Cisco Network Admission Control Framework
    1. Deployment Scenarios and Topologies
    2. The Technical Components of the Cisco NAC Framework
    3. The Purpose of Cisco NAC
    4. Summary
  14. Understanding Fiberlink Mobile NAC
    1. Deployment Scenarios and Topologies
    2. The Technical Components of Fiberlink Mobile NAC
    3. The Purpose of Fiberlink Mobile NAC
    4. Summary
  15. Understanding Microsoft NAP Solutions
    1. Deployment Scenarios and Topologies
    2. Microsoft 802.1x
    3. The Technical Components of Microsoft NAP
    4. The Purpose of Microsoft NAP
    5. Summary
  16. Understanding NAC and NAP in Other Products
    1. NAC-Like Functionality in Non-NAC Technologies
    2. NAC and NAP Solutions from Other Vendors
    3. Summary
  17. Case Studies and Additional Information
    1. Cisco Clean Access
    2. McAfee NAC
    3. Bradford Networks
    4. Juniper Uniform Access Control
    5. Bibliography