This page is fully or partially automatically translated.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Make onsite appointment

Forums it-sa Expo 2023 Knowledge Forum D

NAC: A compact overview of approaches and solutions

Learn approaches to enforcing NAC policies and their benefits

Buy trade fair ticket

You can register for this action soon.

You can register for the digital action soon.

Please come back at the scheduled date and time.

The action is currently live. Please scroll down to watch.

This action is only available onsite: Forums it-sa Expo 2023

Add action to bookmarks and download as iCal

Join now

Note: If you continue, the contact data you provided during registration may be transmitted to the respective provider in accordance with our General Terms and Conditions.

Please log in or register in advance so that you can take part in actions or watch the action videos!

This action has already taken place. This action will soon be available as a video.

This action has already taken place. Please scroll down to watch the video.

This action has already taken place. Please login or register to watch the video.

This action has already taken place. It's not available any more.

You are in!

Your ticket / access to the action was sent to you by email.

There is a problem with the action at the moment. Please come back later or contact support.

calendar_today Wed, 11.10.2023, 17:15 - 17:30

event_available On site

place Hall 7, Booth 7-631

Action Video

south_east

Action description

south_east

Speaker

south_east

Themes

Cloud Security Endpoint Protection Network Security / Patch Management

Key Facts

20 years of NAC experience
Diverse NAC approaches
Holistic solution

Organizer

macmon secure GmbH

Event

This action is part of the event Forums it-sa Expo 2023

Action Video

Action description

With its Network Access Control (NAC) solution, macmon secure GmbH has been offering companies in all industries a simple way to secure their networks for 20 years. NAC is an important part of a comprehensive security concept and is designed from the outset to cooperate with other security solutions. Our product supports the requirements of various certifications and legal claims such as the IT basic protection catalogue.
With Belden as the parent company, macmon NAC is also part of a holistic solution approach from a single source, from physical cabling to infrastructure components (such as switches, access points, firewalls) to software solutions.
Here we go into the possible approaches to NAC enforcement. Furthermore, we show the advantages and disadvantages of the respective approaches and go into how macmon NAC differs from other NAC solutions.
macmon NAC allows the administrator to choose between 2 technological approaches.
On the one hand, proactive NAC can be enforced based on RADIUS authentications and, alternatively, the necessary restrictions or releases can be enabled on the basis of our network monitoring and the switching of the current configuration of the switches based on it.
Many manufacturers rely entirely on the first point and use the 802.1X standard and, for end devices that do not support it, MAC-based RADIUS authentication. With 802.1X, additional properties such as a certificate or identity with a password can be checked. A high level of security is achieved and further settings can be made with additional RADIUS attributes. The approach is very good and fits many companies and networks, but not everyone.
Therefore, we offer a second way in addition to this approach. You can easily switch between these two or even operate them mixed in the network.
Especially in the OT area, production is considered the most important asset and in many places still comes before security. In order to do justice to both, you can use macmon NAC to monitor the entire network and react to undesirable situations, such as end devices that you do not know or end devices in the wrong security zones.
We rely on standards and protocols that are more widespread and provide tailored methods (connected packages of steps for reading out or changing configurations) for all common manufacturers. SNMP and REST APIs from the infrastructure manufacturers are the most prominent representatives and allow us to abstract the data. As a result, an administrator often only needs macmon NAC for daily work and does not have to access the switches directly or different network management systems for different manufacturers in the network.
The advantages and disadvantages become apparent in specific situations. Since many companies already operate service monitoring, SNMP configurations are often already known and available. Normally, this leads to a very fast implementation of NAC via SNMP. Implementing the 802.1X standard requires more effort, since additional end devices have to be configured and tested. If you fall back on MAC-based RADIUS authentications to make your work easier, you will of course also lose the higher security level you might be aiming for. It is therefore important to consider how I proceed with which end devices. ... read more

Language: German

Questions and Answers: No