By Integrating NAC Into Centralised Security Platform, Organisations Increase Their Security Posture
It’s perhaps the #1 mission of every security team: define and control access to resources on the network and make sure only authorised users and devices can gain access to digital assets.
While Network Access Control (NAC) is a key tool in achieving this objective, NAC isn’t just about letting the right users onto the network and keeping the bad ones out. It’s also about granting access for traditional endpoints and mobile devices to assets behind the firewall (on-premises resources) that end users are entitled to. NAC solutions must also control access outside the firewall—to the Internet and in cloud-based services.
Yes, businesses want users accessing the resources they need to do their jobs. But businesses also don’t want users tapping into websites and applications that open the door for cybercriminals to infiltrate the internal network.
The State of Network Access Control in Business Operations
When combined with authenticated identity and biometrics, NAC solutions can address the challenges noted above. NAC deployed properly can also ensure only legitimate and non-compromised users and devices and apps can access the things they are supposed to access—at the right time and from the right location.
Gartner defines Network Access Control (NAC) as the technologies that enable organisations to implement policies for controlling access to corporate infrastructures, by user-oriented devices, operational technology (OT) devices, and Internet of Things (IoT) devices. Policies may be based on authentication, endpoint configuration (posture) or users’ roles/identities. NAC can also implement post-connect policies based on integration with other security products. For example, NAC could enforce a policy to contain the endpoint based on an alert from a SIEM – or to enforce a policy to require a second factor authentication via biometrics for high-value or high-risk transactions when the situation calls for it (such as a questionable time of day or geo-location).
NAC solutions that deliver these capabilities are often part of the security strategy at large enterprises; the key is having the right collection of technologies and processes in place to define and enforce your business-ready policies.
For many small and medium-size enterprises (SMEs), NAC technologies and expertise are often beyond the reach of their IT budgets. That’s where managed security service providers (MSSPs) come in—with their ability to deploy and manage NAC solutions cost-effectively on behalf of SME customers.
The key for both segments large and small is to go beyond traditional NAC capabilities by utilizing a platform that integrates NAC with other security measures, such as biometrics for identity authentication and second factor authentication. At CyberCyte, we refer to this approach as building the Circle of Zero Trust.
With our CyberCyte security platform, the Circle of Zero Trust allows MSSPs and organisations of all sizes to move beyond blind trust to a state of knowing that internal network and Internet access by end users will be both legitimate and safe. Organisations can also ensure that all end users, devices and apps that attempt to connect to their networks are authorised. The Circle tops all that off by giving you complete visibility into what’s taking place across your network infrastructure, so you don’t have to rely on trust – you can visually confirm that this is true.
The Role of Access Control in Information Security
NAC solutions play a critical role in information security by mitigating risks such as weak passwords, open router ports, network traffic that impedes network performance, or device and network activity that is malicious in nature. With a leading NAC solution, organisations can deliver several key capabilities to their customers:
- Discover weak passwords, changed passwords, account lockouts and password breach attempts on any device.
- Track network-access audit data.
- Detect port scans, hubs, stacked devices, event log deletion, and group membership changes.
- Conduct asset inventory and threat discovery
- Run process analysis to discover traffic flow.
- Check for bandwidth consumption and unauthorised attempted remote connections.
NetCyte from CyberCyte provides all of these capabilities with no agent installation and does not require an appliance to run on-premises within customer networks. Rather, it is deployed and managed through the cloud as a service. The solution can integrate with any network device supporting a remote connection without any dependencies—and offers unprecedented scalability along with different methods for discovery and blocking.
As an example, organisations leveraging the CyberCyte platform can discover if any IT infrastructure processes have created a listening port, which can be a backdoor for a cyber attack. The technology also analyzes operating system drivers, installed services, start-up objects, and scheduled tasks—each of which can provide crucial signs to informed technical capabilities to identify if there are any risky components running or activities taking place.
When NetCyte—with its contextual network access control capabilities—is combined with biometrics on the CyberCyte platform, organisations also gain much greater visibility and control over which end users and which devices can access digital assets. Policies can also be set to control the time and location from which assets can be accessed.
Network Access Control in Action
An international bank preferred NetCyte after years of trying other competing products. The bank had more than 750+ branches and 3 main office locations. The bank wanted an agentless NAC platform that did not depend on network devices nor the use of 802.1X. The bank’s distributed topology meant that an appliance deployed to the remote branches was also not acceptable. Due to inaccurate classifications in agentless mode and lack of support in customizing network commands, the competing products failed in branch deployments. NetCyte enabled higher accuracy, better response time, and accurate classification in remote branch deployment; NetCyte become the preferred solution and continues to deliver value throughout the bank’s growing infrastructure.