Fortinet Zero Trust Access
What is Network Access Control (NAC)?
Network access control (NAC) technology has been around for nearly two decades, but a new generation of NAC solutions is helping organizations keep up with today’s ever-expanding attack surface, delivering not only visibility of the network environment, but also enforcement and dynamic policy control. Modern NAC solutions provide users with enhanced visibility into the IoT devices on their corporate networks, whether they're connecting from inside or outside the network, and can automatically respond to compromised Internet of Things (IoT) devices or anomalous activity.
Modern NAC solutions also provide a clear view into network assets to support regulatory certifications and security best practices that require organizations to establish and maintain an accurate inventory of all connected devices, including IoT—even in virtual environments where assets are constantly connecting and disconnecting from the network. NAC’s monitoring and response capabilities are especially critical since many IoT devices open users to additional risk via compromised, poorly written and un-patchable software, unadvertised back doors hardwired into firmware, and other factors.
NAC solutions are an important part of a Zero Trust Network Access model for security, in which trust is no longer implicit for users, applications, or devices attempting to access the network, and for which IT teams can easily know who and what are accessing the network, as well as how to protect corporate assets both on and off the network.
How NAC Secures Your Network
NAC solutions provide visibility over everything connected to the network, as well as the ability to control those devices and users, including dynamic, automated responses. NAC is part strengthening overall network security infrastructure.
A properly functioning NAC solution can deny access to noncompliant users or devices, place them in quarantine, or restrict access to a small number of network resources, separated from the rest of the network. NAC solutions generally support the following:
- Authentication and authorization of users and devices
- User and device profiling
- Denial of unsecured devices
- Quarantine of unsecured devices
- Restricting access to unsecured devices
- Policy lifecycle management
- Overall security posture assessment
- Incident response through policy enforcement
- Guest networking access