WiFi networks are made up of wireless access points (WAPs) distributed across an organization’s physical infrastructure. On one side, WAPs connect wirelessly to endpoint devices; on the other, they have a wired connection to a switch or router that leads to the Internet. Most WiFi networks only require an SSID and passphrase to connect. That SSID and passphrase combination is conveyed to the user population via word of mouth, emails, or some other form of written communication. WiFi credentials are easy to obtain and not unique. As a result, it is simple for hackers to figure out a way into the network. IT admins recognize this, and they fully understand that it is a top security risk.
Network Access Control has evolved from simply controlling network access into a more advanced use case of mitigating risks posed by vulnerable and compromised endpoints on today’s dynamic networks. It has emerged as a critical element of an enterprise-wide network security posture that bridges the gap between the SOC and NOC by eliminating error-prone manual processes via security automation and orchestration. Enterprises must be ready to combat the influx of cyber-threats by gaining complete network visibility, addressing vulnerabilities, implementing network segmentation, and responding autonomously to contain compromised endpoints.
Many of these enterprises should first ask themselves whether the NAC solution will integrate easily and seamlessly with their current network topology. Some NAC solutions sit between access and core switches to enforce policies. Since many data centers, such as those for universities and institutions of higher learning, often use a mix of switches, this scenario requires any NAC solution to be compatible with the existing network topology. This becomes less of a consideration where switch upgrades are part of a planned infrastructure upgrade or part of a new system.