2.7. Summary

Following are key points from this chapter:

  • NAC/NAP solutions may differ, but components are pretty much the same. These include the following:

    • A technology to analyze the security posture of the device

    • A policy-related component to configure and set the policy on what specific security criteria will be analyzed on the device

    • A technology to communicate the security state of the device to other facets of the NAC/NAP solution

    • A mechanism that receives the security posture of the device and performs an action based upon those results

    • A policy-related component to configure and set the policy regarding what action will take place

    • A remediation technology whose purpose is to bring the device back into compliance

    • A reporting mechanism

  • Not all solutions will contain all components.

  • The remediation component is often not included as a standard component of a NAC/NAP solution.

  • High-quality NAC/NAP reporting can assist with internal audits and compliance regulations (such as SOX and HIPAA).

Chapter 3 covers a fundamental principal that all those researching NAC/NAP solutions need to understand: "What are you trying to protect?"

Get Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial