Chapter 4. NAC Components
In This Chapter
Identifying the components of NAC
Matching the correct NAC solution to your business
After you cover the business cases and know that you have a reason to deploy network access control (NAC), what exactly do you deploy? You can find many different flavors of endpoints, enforcement devices, and policy engines, but all NAC solutions are made up of three parts:
Policy engine (also called policy decision point)
Endpoint agent (sometimes the endpoint agent is agentless)
Policy enforcement point
NOTE
Although all NAC solutions use at least these three parts, sometimes those parts can be combined. For example, a policy engine can sit inline on the network and enforce policy. You might also have a solution that's agentless via a Web browser; in this situation, the Web browser is your agent.
Picking the right mix depends on the network the NAC solution is going to protect. This chapter helps you define your network access policy and then it shows how you can enforce it.
Get Network Access Control For Dummies® now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
