Bypassing NAC

Network Access Control (NAC) is a system that's designed to control access and ensure compliance. It uses a set of processes and technologies that are focused on controlling who and what is able to access a network and its resources. NAC does this by authorizing only devices that meet a defined level of compliance to operate on a corporate network.

Once a device is connected, the NAC server profiles it and checks whether it meets the standard of compliance before allowing access to the network resources. Security policies and controls are configured to ensure that non-compliant devices are prevented from obtaining network access.

IEEE 802.1X is the NAC standard for both LAN (wired) and WLAN (wireless) networks. Within an 802.1X network, there are three main components:

  • Authentication server: The authentication server is the device that handles authentication, authorization, and accounting (AAA) services on a network. This is where user accounts are created and stored, and where privileges and policies are applied. The authentication server runs either Remote Authentication Dial-In User Service (RADIUS) or Terminal Access Controller Access-Control System Plus (TACACS+) as its protocol.
  • Authenticator: This is typically the network device that you are attempting to access, whether it be for administration purposes or to simply access the network. Such devices can be a wireless router/access point or a network switch.
  • Supplicant: The supplicant is the client device, such as a smartphone or laptop computer, that wants to access the network. The supplicant connects to the network (wired or wireless) and is prompted with an authentication login window provided by the authenticator. When the user submits their user credentials, the authenticator queries the authentication server to verify the user and determine what policies and privileges to apply while the user is logged on to the network.

Bypassing an NAC system can be somewhat challenging. During the course of this chapter and the previous chapter, we took a look at how to gather user credentials and spoof the identity of our attacker machine (Kali Linux). Using the MAC address and user credentials of a valid user on a target network will provide you with some sort of access to the secure network.

However, NAC servers are capable of profiling the operating system and anti-malware protection on all connected devices. If your system does not satisfy the compliance requirements, this can raise an alert or cause access to be denied, depending on the policies in place.
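The profiling described above is what lets a defender notice a borrowed MAC address or account. The following is an added example, not code from the book: it reviews session records and flags a known MAC whose operating system fingerprint changes, a device reporting no anti-malware protection, and an account appearing on a MAC it has not used before. The record fields and sample values are constructed for illustration and do not come from any particular NAC product.

```python
"""Flag sessions whose device profile contradicts what the NAC has seen before."""

# Constructed sample records (hypothetical field names), in time order.
SESSIONS = [
    {"t": "08:58", "mac": "00:11:22:33:44:55", "user": "alice",
     "os": "Windows 10", "antimalware": True},
    {"t": "09:02", "mac": "66:77:88:99:aa:bb", "user": "bob",
     "os": "macOS", "antimalware": True},
    # Same MAC and account as the first record, but a different device profile.
    {"t": "13:40", "mac": "00:11:22:33:44:55", "user": "alice",
     "os": "Linux", "antimalware": False},
    # Known account authenticating from a MAC it has never used.
    {"t": "14:05", "mac": "de:ad:be:ef:00:01", "user": "bob",
     "os": "macOS", "antimalware": True},
]


def review_sessions(sessions):
    """Return (time, mac, reason) findings for sessions that break the learned profile."""
    os_by_mac = {}     # first OS fingerprint seen for each MAC address
    macs_by_user = {}  # MAC addresses each account has authenticated from
    findings = []
    for s in sessions:
        mac, user = s["mac"].lower(), s["user"]

        # A MAC address whose OS fingerprint changes suggests a different device.
        known_os = os_by_mac.setdefault(mac, s["os"])
        if s["os"] != known_os:
            findings.append((s["t"], mac, f"os changed {known_os} -> {s['os']}"))

        # Compliance check: the device must report anti-malware protection.
        if not s["antimalware"]:
            findings.append((s["t"], mac, "no anti-malware reported"))

        # An account showing up on an unfamiliar MAC deserves a second look.
        seen = macs_by_user.setdefault(user, set())
        if seen and mac not in seen:
            findings.append((s["t"], mac, f"{user} on new MAC"))
        seen.add(mac)
    return findings


if __name__ == "__main__":
    for finding in review_sessions(SESSIONS):
        print(*finding, sep="  ")
```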
