Misconceptions Abound
Have you ever heard this before:
To implement Cisco NAC, a company needs to have all Cisco networking hardware. Even if they have all Cisco gear, they will likely have to upgrade all of it to use Cisco NAC.
I've heard this statement many times. I've heard engineers say it. I've heard salespeople and marketing people say it. And I've also heard other NAC and NAP vendors say it. The problem is that it's not true. You actually don't have to have all Cisco networking equipment if you want to implement Cisco NAC. In fact, Cisco's Clean Access NAC solution is Cisco's preferred NAC solution, and it simply doesn't have that requirement. You could integrate Clean Access with Cisco networking equipment, but you don't have to.
How about this one:
I will protect my mobile devices with my LAN-based NAC solution.
Here's a question: How on earth is a NAC device sitting behind firewalls on a LAN going to protect a mobile device sitting at a public Wi-Fi hotspot? To provide protection, doesn't the assessment, quarantining, and remediation functionality need to be accessible to provide the protection? If a user is sitting at a Starbucks surfing the Internet, the user simply wouldn't be in communication with a LAN-based NAC device and all that NAC functionality wouldn't even come into play. This book will specifically show how mobile devices are particularly susceptible to exploitation and how an exploited mobile device can cause serious problems on the LAN.
Here's another one:
NAC solutions automatically fix security deficiencies.
That's not really true. As you'll find in this book, many NAC solutions don't contain any remediation servers whatsoever. Some will tie into existing, specific solutions, and others more or less don't have anything to do with remediation. Almost all of the solutions (with the exception of Mobile NAC) won't fix any security problems for laptops and other systems as the devices are actually mobile. If a device is missing a patch or has a security application disabled, these items must be remediated as the devices are mobile, not just when they attempt to gain access to the corporate network.
After reading this book, you will be in a position where you will be able to see through these misconceptions and any misinformation that might come your way. You will be able to more intelligently speak to NAC and NAP vendors and colleagues, as well. Most importantly, you won't be one of those people passing along misconceptions.