An Ethical Hacker's Perspective
If you're a security engineer like myself, the last person you want telling you about security is a sales or marketing person. Unfortunately, that is often the source of security information, as they are on the front lines communicating those messages. This book is going to take a different perspective on NAC and NAP. This information is going to come from the perspective of a security engineer who is well versed in the specific threats and how various exploits actually take place. It will also come from the perspective of a director of information systems (IS), IS manager, and system administrator — the people who actually need to understand what these solutions are meant to do and what the various pieces of each solution actually contain.
The goal of security applications is to mitigate risk. With NAC/NAP, it's important to understand exactly what the different types of threats actually are before a solution to address those threats can be put into place. As I'll mention in this book, many people tell me they are looking at a NAC/NAP solutions because they don't want unwanted systems plugging into their LAN and infecting their network. OK, that sounds good and is a valid concern. Should that specific scenario be the top concern based upon the actual threats and exploits that actually exist? I don't think so. Personally, I would be more concerned about a wanted system that is mobile and connecting to public Wi-Fi hotspots, is handling sensitive data, and has been exploited because it hasn't received critical patches in a month and its antivirus and antispyware applications are out of date. If such systems are exploited because they weren't assessed, restricted, and remediated while they were mobile, is a LAN-based NAC system going to catch a rootkit that is running deep and was installed during this vulnerable period? You can form your own opinion, as this book covers the actual vulnerabilities and exploits that the various types of NACs can address. Then, you can determine what type of solution makes the most sense based upon the risks that are most prevalent to your environment.