InvestorsHub Logo
Boards
News
Market Data
Markets
Discover
Discover
Subscribe Login/Register
S&P 500
5,615.35
(
0.55%
)
US TECH 100
19,804.00
(
0.64%
)
Dow Jones
40,000.90
(
0.62%
)
Brent Oil
84.57
(
0.00%
)
Bitcoin
59,975.37
(
1.26%
)
Post# of 249238
Next 10
Reply Private New
Public Reply Private Reply New Post
Keep Last Read
Replies (1) Keep Next 10 Report Keyboard Shortcuts
Replies (1) Next 10 Prev Next

mundo

Send PM Follow Ignore
Followers 9
Posts 2059
Boards Moderated 0
Alias Born 08/09/2003

mundo

Re: None

Friday, 08/04/2006 6:52:22 PM

Friday, August 04, 2006 6:52:22 PM

Post# of 249238
NAC technology in focus at Black Hat
Posted on : Thu, 03 Aug 2006 20:02:00 GMT | Author : Emma Price
News Category : Technology


Network access control (NAC) technology is spoken of as being the ultimate shield against malicious attacks. While all IT managers agree that NAC is the best security available, they are unable to define exactly what NAC is and how different interpretations by vendors can work under one roof.

At the Black Hat USA 2006 conference, it was proposed that this confusion must be cleared before network-access control technologies are widely acceptable. The principle behind NAC is simple enough. IT managers will devise systems that will not let anyone in until they comply with the said company's security guidelines. Ofir Arkin, chief technology officer and co-founder of Insightix Ltd said that the technology was very viable. "It's a valid technology and something you need to consider as part of your network security," he said.


Speaking at length about NAC technology Arkin made it clear that under existing rules, it was easy for a really determined person to bypass NAC controls. Without naming vendors, Arkin made it clear that the NAC solutions offered by Cisco, Microsoft, and Symantec were riddled with unworkable theories. Basically this confusion made it easy for hackers to bypass controls and enter the systems.

He slammed several solutions, mainly ones that use DHCP (Dynamic Host Configuration Protocol) proxy servers to enforce security policy. He said that the controls could be circumvented by simply using static IP addresses. "802.1x is the best technology that is out there," Arkin said, adding that currently Cisco's 802.1x NAC solution was "the best that is out there." However Cisco's solution is able to work only on its own equipment. "Not all equipment may have that (802.1x)," Arkin said. "Not all networking elements can support 802.1x."

Reacting to Arkin's presentation, Cisco Chief Security Officer John Stewart said NAC technology still had a long way to go. "The technology's immature. But [NAC] will increase my capability to keep my network in good condition," he said. "Can it be maneuvered to have false data? Yes. Would it be completely the case that every device on my network will provide false data? Unlikely." He added that there would be weak links, "But I think that's the wrong thing to focus on. We want to address the weaknesses but focus on the benefits."




http://www.earthtimes.org/articles/show/7945.html
Public Reply Private Reply New Post
Keep Last Read
Replies (1) Keep Last Read Next 10 Report Keyboard Shortcuts
Replies (1) Next 10 Prev Next

Join the InvestorsHub Community

Register for free to join our community of investors and share your ideas. You will also get access to streaming quotes, interactive charts, trades, portfolio, live options flow and more tools.

Sign Up