Computer communications commonly involve multiple connection methods including dedicated, directly wired networks, dial-up, wireless, and virtual private networks (VPN). This increases the need for and complexity of network access control and security.
NAC hardware solutions often employ a network appliance inline with the network to provide NAC capabilities, sometimes in conjunction with access layer switches. NAC applications should be able to integrate with technologies such as intrusion detection, vulnerability assessment, and identity management. NAC admission scenarios can include go/no-go access, virtual LAN (VLAN)-based access controls, simple packet filters, and stateful firewalling. There are also known IEEE 802.1x quarantine methods. Existing solutions rely solely on user authentication to determine network access. Management and control of both remote access users and devices is important to protect the internal network by ensuring devices meet the policy requirements of a particular company network and that network services are provisioned appropriately for a device.
What is needed is a network access control system that provides authentication, assessment, authorization, provisioning, and remediation, for a broad, user-centric, network-based, access control solution.