Chapter 9. Verifying that a PC Is Safe
In This Chapter
Classifying the machines on your network
Knowing what to scan for
Dealing with unsafe machines
Scanning machines while they're on the network
Most organizations that deploy a NAC policy tend to group the NAC options into two key categories: user identity and machine security posture. This chapter deals with machine security posture, helping you answer the question of which machines you want to allow onto your network. Chapter 8 covers user identity.
The capabilities of NAC products certainly go beyond the questions of user identity and machine posture — many NAC products allow you to create policies based on location, time-of-day, wired versus wireless, and so on. Although these policies might seem more or less important to your deployment, depending on your deployment criteria, these two primary categories need to be done first and foremost; therefore, these categories are of key importance.
Industry analysts, journalists, vendors, and enterprises fiercely debate machine integrity because many different schools of thought relate to how much security it adds to a network, and whether a system should quarantine users or prevent them from accessing network resources as a result of machine integrity. Most organizations now have to simultaneously deal with ever increasing sets of user groups and machine types on the networks. IT departments in every major industry are opening up their networks to employees, partners, contractors, customers, and more. At the same time, these user groups want to access the networks by using machines other than their corporate-managed laptops or desktops — Macintosh and Linux machines are increasingly popular, and Solaris and Unix machines might exist on the network. More users have mobile devices — such as Windows Mobile, Apple iPhones, Symbian phones, and so on — because those users are becoming more mobile, so the importance of managing this barrage of new devices and ensuring that corporate data is safe on them increases over time.
This chapter takes you through some of the key factors to weigh when you're deciding which machines should have access to the network. It also outlines how remediation works and discusses some best practices around remediation and quarantine policies.