An increasingly mobile, remote and collaborative workforce requires access to company data, applications and other resources from beyond the office, but enabling this free flow of information greatly increases the risk of data breaches, whether intentional or accidental. With data breaches reaching record levels, the ability to control which users and devices can access the network has become a security imperative. Leveraging network access control can help mitigate and protect your business from these breaches.
Leading network access control technologies such as Aruba’s ClearPass family of solutions offer such control, using authentication and policy enforcement to ensure all users and devices accessing the network have an acceptable security posture.
Before allowing a user to access the network, network access control asks who they are, where they are located and what device they are using. Based upon the answers to those questions, the network access control solution authenticates the user, determines the user’s access permissions, determines what endpoint security policies are applicable, and ensures that the policies are enforced. Devices that do not match policy requirements may be denied access, quarantined or granted limited access.
Network access control is not a particularly new security tool, but it has evolved. At one time, it was primarily used to control BYOD in the workplace. However, today’s solutions offer far more robust features such as granular network segmentation, user behavior monitoring, enhanced visibility, and security automation and orchestration capabilities for automated threat detection and response.
Industry analysts consistently rate ClearPass among the most effective network access control solutions. Key components of the solution include:
ClearPass Device Insight
This cloud application provides the visibility needed to make more-informed network access decisions. It enables network and security administrators to discover, monitor and automatically classify all wireless and wired devices that connect to a network — including edge and IoT devices.
ClearPass Policy Manager
This feature provides role-based and device-based network access control for employees, contractors and guests across any wired, wireless and VPN infrastructure. It can be extended to third-party security and IT systems using REST-based APIs to automate workflows that previously required manual IT intervention.
With this feature, users can self-configure devices for use on secure networks, although IT staff must define which users have that privilege, the type of device they can use, and how many devices per person.
This feature automates the workflow for giving customers, contractors and other visitors guest access to wired and wireless networks. It’s simple for non-IT staff to create temporary network access accounts for any number of guests per day, which can be set to expire automatically.
Software agents perform advanced endpoint posture assessments on leading operating systems to ensure compliance is met before devices connect. If devices do not meet security requirements, OnGuard will send users instructions on how to achieve compliance.
Controlling who and what can access the network is critical for IT organizations, but NAC solutions such as ClearPass can streamline the process.
How PKA Can Help
Contact us to learn more about using ClearPass to improve your security posture.