Network Access Control as a computer networking solution has been around for quite some time and basically uses a set of protocols that control access to the network with various policies.
The base usage of NAC is to limit, deny or allow access of a device to a computer network depending on the defined policy. It basically dictates which users and devices are able to use a specific network, mostly by using IEEE 802.1X protocol, such as EAP-TLS, EAP-PEAP or EAP-MSCHAP.
NAC also allows network administrators to give role-based controls of user, device, application or security post authentication. The main benefit of NAC solutions were to prevent devices that lack certain level of security to access the network and put other computers in the network in risk, define precise policies to allow access to a type of device, computer or user to certain areas of network as well as to give identity and access management by using authenticated user identities rather than standard IP addresses.
The NAC market has grown significantly in the past few years and have evolved accordingly, giving network administrators much more freedom by adding expanded monitoring and reporting, extended system integration and interoperability, advanced threat protection and mitigation and extended endpoint compliance.
Modern NAC solutions also brought several new features including the so-called agentless support, onboarding support, extended policy capabilities, extended guest management, extended profile support, and more.
Some of the well known NAC solutions include, Cisco’s Identity Service Engine, Cryptozone’s Appgate, F5 Networks’ Big IP, Bradford Networks’ Network Sentry and the winner of the SCAwardsEruope 2017, Forescout’s CounterACT, which offers a highly scalable, heterogeneous platform, providing enterprises and agencies with agentless visibility and control of devices and endpoints as they connect.