Romy.arifin@Westcon.com
Outdated NAC misconceptions
Complex architecture
Requires 802.1X
** Frost & Sullivan 2013 report NC91-74, Analysis of the Network Access Control Market: Evolving Business Practices and Technologies Rejuvenate Market Growth. Chart base year 2012.
* This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from ForeScout. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. Gartner, "Magic Quadrant for Network Access Control," Lawrence Orans and Claudio Neiva, December 10, 2014.
2 Access Control
3 Onboarding
4 Interoperability
5 Easy Deployment
[Diagram: endpoint visibility attributes, grouped by question. WHO? - user name, email, title, groups. WHAT? - OS, distribution, browser, agent, layer, switch, ports, protocols, internal/external, MAC address, IP address. POSTURE? - apps, registry, services, patches, processes, encryption, versions, antivirus. WHERE? - switch IP, controller IP, port / SSID / VLAN.]
[Console view: See Devices - managed, unmanaged, wired, wireless, PC, mobile. Site Summary - devices, categories.]
[Diagram: control actions available]
Open trouble ticket
Send email notification
SNMP traps
Start application
Run script
Auditable end-user acknowledgement
Send information to external systems such as SIEM etc.
HTTP browser hijack
Deploy a virtual firewall around the device
Reassign the device to a VLAN with restricted access
Update access lists (ACLs) on switches, firewalls and routers to restrict access
DNS hijack (captive portal)
Automatically move device to a pre-configured guest network
Trigger external controls such as endpoint protection, VA etc.
Move device to quarantine VLAN
Block access with 802.1X
Alter login credentials to block access, VPN block
Block access with device authentication
Turn off switch port (802.1X, SNMP)
Install/update agents, trigger external remediation systems
Wi-Fi port block
[Diagram: automated onboarding of personal devices for employees, contractors and guests. Steps shown: identify device, identify user, assess compliance, register guests, grant access (none, limited, full), enforce time of day, connection type and device type controls. Employees authenticate via corporate credentials, contractors via contractor credentials, guests via guest registration.]
SIEM correlates ForeScout information with information from other sources and identifies risks posed by infected, malicious or high-risk endpoints.
[Diagram label: Quarantine]
[Diagram: CounterACT Enterprise Manager integrations - user directory (Active Directory), SCCM, core switches, endpoint protection, enterprise SIEM, VA, MDM, ATD.]
Agentless and non-disruptive
Scalable, no re-architecting