My Photo

Archives

More...

About

OASIS-08

  • 27a

Got the NAC

« Economical With The Truth | Main | Rating College Football Teams (or NAC products) »

December 20, 2008

Don't Just Let them On

In the wake of the second out-of-band patch in two months (and during the holiday shopping season no less), I'm reminded of two NAC truisms.  The first is that, whatever your general view of patch checking in the NAC cycle, there are times when you absolutely need to check for the presence of a specific KB patch.  The second is that relying solely on IPS technologies for post-admission protection is foolish.

Don't get me wrong.  There remains an obvious place for IPS (though UTM seems a better fit), including a place in the NAC lifecycle.  However, as most data-stealing exploits indicate, there are times when you simply need to remove network access for an endpoint.  In these times, and especially at this time, allowing a data-stealing trojan infected endpoint onto the network under the premise that the "bad traffic" can be dropped remains the very last choice you'd want to make.

Posted by Grant Hartline on December 20, 2008 at 08:04 PM in Network Access Control |

TrackBack

TrackBack URL for this entry:
http://www.typepad.com/services/trackback/6a00e550a981ff8834010536889a29970b

Listed below are links to weblogs that reference Don't Just Let them On:

Comments

Verify your Comment

Previewing your Comment

Posted by:  | 

This is only a preview. Your comment has not yet been posted.

Working...
Your comment could not be posted. Error type:
Your comment has been posted. Post another comment

The letters and numbers you entered did not match the image. Please try again.

As a final step before posting your comment, enter the letters and numbers you see in the image below. This prevents automated programs from posting comments.

Having trouble reading this image? View an alternate.

Working...

Post a comment