network access control - connecticut · trustwave network access control the challenge •...
TRANSCRIPT
![Page 1: NETWORK ACCESS CONTROL - Connecticut · Trustwave Network Access Control The Challenge • Unmanaged devices inside the firewall • Infected systems introduced by contractors, students](https://reader033.vdocuments.mx/reader033/viewer/2022060323/5f0daef37e708231d43b9180/html5/thumbnails/1.jpg)
SMART SECURITY ON DEMAND
NETWORK ACCESS CONTROL Control Who And What Is On Your Network
Larry Fermi Sr. Systems Engineer, NAC Subject Matter Expert
![Page 2: NETWORK ACCESS CONTROL - Connecticut · Trustwave Network Access Control The Challenge • Unmanaged devices inside the firewall • Infected systems introduced by contractors, students](https://reader033.vdocuments.mx/reader033/viewer/2022060323/5f0daef37e708231d43b9180/html5/thumbnails/2.jpg)
Trustwave Network Access Control The Challenge
• Unmanaged devices inside the firewall • Infected systems introduced by contractors, students and even employees • Authorized devices that begin behaving badly
The Solution : Trustwave NAC
• Pre- and post-admission scanning for detection of rogue activity • 24x7 management support
The Benefits • Tracks user behavior • Enforces policy based on user groups • Continuously measures health and compliance status of every endpoint on the
network
![Page 3: NETWORK ACCESS CONTROL - Connecticut · Trustwave Network Access Control The Challenge • Unmanaged devices inside the firewall • Infected systems introduced by contractors, students](https://reader033.vdocuments.mx/reader033/viewer/2022060323/5f0daef37e708231d43b9180/html5/thumbnails/3.jpg)
Trustwave NAC Policy Components
Identity
Endpoint Compliance
Behavior
Network Access Control
" Match user identity with each endpoint on the network
" Seamless integration with existing credential stores
" Analyze every packet from every device " Zero-day threat detection " L2-L7 behavioral policy enforcement
" Measure health and compliance status of every endpoint on the network
" Robust reporting tracks all compliance data " Flexible tiered enforcement
![Page 4: NETWORK ACCESS CONTROL - Connecticut · Trustwave Network Access Control The Challenge • Unmanaged devices inside the firewall • Infected systems introduced by contractors, students](https://reader033.vdocuments.mx/reader033/viewer/2022060323/5f0daef37e708231d43b9180/html5/thumbnails/4.jpg)
Policy Enforced Managed Unmanaged Unmanageable
Behavioral Threat
Acceptable Use
Identity
Risk Assessment
OS Patch Check N/A
AV Check N/A
AS Check N/A
FW Check N/A
BYOD
Trustwave NAC Policy Matrix
![Page 5: NETWORK ACCESS CONTROL - Connecticut · Trustwave Network Access Control The Challenge • Unmanaged devices inside the firewall • Infected systems introduced by contractors, students](https://reader033.vdocuments.mx/reader033/viewer/2022060323/5f0daef37e708231d43b9180/html5/thumbnails/5.jpg)
The Trustwave NAC Process
Remediation Trustwave Policy Manager
Authenticate Scan Authorize Discover
Re-scan Detect Monitor
Network Intelligence
Enforce
Enforce
Pre-admission “Check on Connect”
Post-admission “Continuous Threat Prevention”
![Page 6: NETWORK ACCESS CONTROL - Connecticut · Trustwave Network Access Control The Challenge • Unmanaged devices inside the firewall • Infected systems introduced by contractors, students](https://reader033.vdocuments.mx/reader033/viewer/2022060323/5f0daef37e708231d43b9180/html5/thumbnails/6.jpg)
Managed Enterprise NAC Architecture
Remote Location 2
Remote Location 1
…
Managed NAC Sensor Managed NAC Sensor
Managed NAC Sensor
Main Office/Campus
Trustwave MSS SOC
NAC Management Server
![Page 7: NETWORK ACCESS CONTROL - Connecticut · Trustwave Network Access Control The Challenge • Unmanaged devices inside the firewall • Infected systems introduced by contractors, students](https://reader033.vdocuments.mx/reader033/viewer/2022060323/5f0daef37e708231d43b9180/html5/thumbnails/7.jpg)
Trustwave NAC Summary
Ensures device compliance with
established policy on the network.
Uniquely detects and identifies rogue
gateway devices, with quarantine
ability.
Supports unmanageable,
BYOD devices such as smartphones &
tablets.
• Agentless − Requires no agent software − Works for every endpoint
regardless of device type or operating system
• Infrastructure Independent − Works in every network − Requires no integration with
network infrastructure for discovery or enforcement
• Virtually Inline − Fails open − Self-contained enforcement − No single point of failure − No latency
![Page 8: NETWORK ACCESS CONTROL - Connecticut · Trustwave Network Access Control The Challenge • Unmanaged devices inside the firewall • Infected systems introduced by contractors, students](https://reader033.vdocuments.mx/reader033/viewer/2022060323/5f0daef37e708231d43b9180/html5/thumbnails/8.jpg)
• 8 NAC Patents Awarded • 2013 SC Magazine Best NAC Product • Scored 9 /10 in Forrester NAC Market Overview • Strongest Out-of-Band NAC Appliance in Forrester Wave • Frost & Sullivan Global Award for Best Entrepreneurial
NAC Company • Info Security Products Guide Best Deployment Scenario • Info Security Hot Companies • Best Anti-Worm, Anti-Malware, SC Magazine/RSA • Info Security Customer Trust Product Excellence Award • Software Development magazine: four star product review
Industry Recognition for Trustwave NAC
![Page 9: NETWORK ACCESS CONTROL - Connecticut · Trustwave Network Access Control The Challenge • Unmanaged devices inside the firewall • Infected systems introduced by contractors, students](https://reader033.vdocuments.mx/reader033/viewer/2022060323/5f0daef37e708231d43b9180/html5/thumbnails/9.jpg)
Trustwave Network Access Control