Presentation is loading. Please wait.

Presentation is loading. Please wait.

Network Access Control Mar 8, 2011. Why Network Access Control Prevent unauthorized users from accessing OU resources. Prevent unsafe devices from providing.

Published byMelvyn Evan Dorsey Modified over 8 years ago

Similar presentations

Presentation on theme: "Network Access Control Mar 8, 2011. Why Network Access Control Prevent unauthorized users from accessing OU resources. Prevent unsafe devices from providing."— Presentation transcript:

1 Network Access Control Mar 8, 2011

2 Why Network Access Control Prevent unauthorized users from accessing OU resources. Prevent unsafe devices from providing a launch pad for cyber attacks. Identify vulnerable devices and inform their users so that corrective action could be taken. Network Access Control is a mechanism for enforcing network access to Authorized and Guest users with Safe devices.

3 Challenges facing NAC Addition of new devices every year. Inability to physically secure all network ports. Presence of a wide variety of devices on the network. Emergence of new vulnerabilities. Need for a smooth user experience while enforcing access control.

4 NAC Solutions Cisco Bradford Juniper Netreg – Implemented successfully in many universities (e.g., CMU, Duke, Boston University, Notre Dame, Iowa State, Southwestern)

5 Benefits of Netreg Active – Associate every device on the wired network with an authorized user. – Identify the location of each wired device down to a room and port jack. Reactive – Scan every new device when it enters the network. – Provide mechanism for forcing remediation on or blacklist a device. – Provide mechanism for forcing a device out of the production network. Preventive – Prevent rogue DHCP servers from handing out addresses. – Prevent static address squatting.

6 NetReg Flow Remediation Devices Blacklist Devices Temp Authorized Devices Unregistered Devices Register Authorized Devices Students FacStaff Guests SCANSCAN

7 NetReg from a Users’ perspective Auto Registration – Users with OHIO ID – Guests with Guest ID Manual Registration – Pre-registration of laptops/desktops – Registration of browser-less devices (like gaming devices and printers) – View the list of devices registered to a user – Unregister a device

8 NETREG DEMO

9 Further steps Complete development – User Interface – Admin Applications – Device Vulnerability Classification Procedure Deployment – Pilot – Rollout Communication with each department Implementation Follow-up

Download ppt "Network Access Control Mar 8, 2011. Why Network Access Control Prevent unauthorized users from accessing OU resources. Prevent unsafe devices from providing."

Similar presentations

Brute Force Attack Against Wi-Fi Protected Setup

Brute Force Attack Against Wi-Fi Protected Setup
© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Common Layer 2 Attacks and Countermeasures.

© 2006 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Common Layer 2 Attacks and Countermeasures.
Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.

Wireless and Network Security Integration Defense by Hi-5 Marc Hogue Chris Jacobson Alexandra Korol Mark Ordonez Jinjia Xi.
SALSA-NetAuth SALSA-FWNA BoF Kevin Miller Duke University Internet2 Member Meeting May 2005.

SALSA-NetAuth SALSA-FWNA BoF Kevin Miller Duke University Internet2 Member Meeting May 2005.
PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”

PHYSICAL SECURITY Attacker. Physical Security Not all attacks on your organization's data come across the network. Many companies focus on an “iron-clad”
©2011 Bradford Networks. All rights reserved. Secure Mobility Safely Onboarding Personal Devices to Corporate Networks.

©2011 Bradford Networks. All rights reserved. Secure Mobility Safely Onboarding Personal Devices to Corporate Networks.
Network Security In Education A Balancing Act Doug Klein CTO Vernier Networks, Inc.

Network Security In Education A Balancing Act Doug Klein CTO Vernier Networks, Inc.
Wireless and Switch Security NETS David Mitchell.

Wireless and Switch Security NETS David Mitchell.
History DHCP was first defined as a standards track protocol in RFC 1531 in October 1993, as an extension to the Bootstrap Protocol (BOOTP). The motivation.

History DHCP was first defined as a standards track protocol in RFC 1531 in October 1993, as an extension to the Bootstrap Protocol (BOOTP). The motivation.
© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.

© 2007 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Addressing the Network – IPv4 Network Fundamentals – Chapter 6.
VoIP – Security Considerations An Examination Ricardo Estevez CS 522 / Computer Communication Fall 2003.

VoIP – Security Considerations An Examination Ricardo Estevez CS 522 / Computer Communication Fall 2003.
Implementing Default-Deny while Enabling End-to-end Performance Damian Doyle Jack Suess.

Implementing Default-Deny while Enabling End-to-end Performance Damian Doyle Jack Suess.
AutoMAC: A Tool for Automating Network Moves, Adds, and Changes Christopher J. Tengi Princeton University.

AutoMAC: A Tool for Automating Network Moves, Adds, and Changes Christopher J. Tengi Princeton University.
Wireless Network Security

Wireless Network Security
Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S09761197.

Network Access Management Trends in IT Applications for Management Prepared by: Ahmed Ibrahim S
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Understanding Switch Security Issues.

© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—7-1 Minimizing Service Loss and Data Theft Understanding Switch Security Issues.
Fences Make Good Neighbors Monitoring Academic Networks at the Port Level Educause Security Conference April 4, 5 2005 Washington DC David LaPorte / Kevin.

Fences Make Good Neighbors Monitoring Academic Networks at the Port Level Educause Security Conference April 4, Washington DC David LaPorte / Kevin.
Network Architecture for Automatic Security and Policy Enforcement Internet2 Members Meeting Fall 2005 Eric Gauthier ~ Boston University Kevin Amorin ~

Network Architecture for Automatic Security and Policy Enforcement Internet2 Members Meeting Fall 2005 Eric Gauthier ~ Boston University Kevin Amorin ~
Office of Information Technologies CAMP: Bridging Security and Identity Management Christopher Misra 14 February 2008 Tempe, AZ Protecting Network Assets.

Office of Information Technologies CAMP: Bridging Security and Identity Management Christopher Misra 14 February 2008 Tempe, AZ Protecting Network Assets.
1 Soft Phone Installation and Registration Step by Step Instructions By Prof. Valencia Community College.

1 Soft Phone Installation and Registration Step by Step Instructions By Prof. Valencia Community College.

Similar presentations

Ads by Google