9.1. Deployment Scenarios and Topologies
Depending upon the security needs of an organization, it can choose to implement various NAC-like components to address specific scenarios. The related technologies and scenarios discussed in this section will be the following:
Network Access Quarantine Control (NAQC) — Controlling the security posture of remote clients as they attempt to connect to the corporate LAN remote
Microsoft 802.1x — Controlling unwanted access
Microsoft NAP — Full-fledged NAC/NAP solution
9.1.1. Network Access Quarantine Control
Network Access Quarantine Control (NAQC) is a remote access inspection tool that shipped with Windows Server 2003. The purpose of this technology was to assess devices as they attempted remote connectivity to the corporate LAN. If you take a look at Microsoft's documentation on NAQC and NAP, it is very clear that Microsoft does not want any confusion between NAQC and NAP. Microsoft specifically states the following:
Network Access Quarantine Control is not the same as Network Access Protection, which is a new policy enforcement platform that is being considered for inclusion in Windows Server "Longhorn," the next version of the Windows Server operating system. Network Access Quarantine Control only provides added protection for remote access connections. Network Access Protection provides added protection for virtual private network (VPN) connections, Dynamic Host Configuration Protocol (DHCP) configuration, and Internet Protocol security ...
Get Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
