Chapter 14. Extending NAC
In This Chapter
Extending NAC to other network and security elements
Enforcing NAC on your network
Integrating NAC on network endpoints
Think for a moment about the absurdly huge number of network and security devices that are currently deployed across your network — what do they all have in common, and how does that similarity relate to NAC?
These devices all collect information about what your users do on your networks. A lot of information. That information might simply go into log file archives, where no one will ever view it again. Leveraged properly, this information can provide you with insight into user behavior across your network and allow you to use that information to change access control decisions on the fly.
Those devices that collect user-behavior information are strategically placed across your network for optimal visibility. In many cases, you can use this placement as an additional overlay enforcement scheme that allows you to drive user and machine identity into every policy on your network.
In this chapter, we discuss how you can expand many NAC systems beyond what the manufacturer provides so that you can coordinate NAC with a much broader range of systems, devices, and applications across your network.
Get Network Access Control For Dummies® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
