Network Access Control
Network access control allows organizations to restrict access to resources on their network. NAC systems' usage is now increasing rapidly, thanks to the exponential increase in bring your own device policies and internet of things devices on the network, and the integration of NAC technology into mobile device management, SIEM, next-generation firewalls and threat detection products
The primary group showing increased demand for NAC is large organizations due to the unique demands enterprises have in regards to number of employees and granting access to contractors, visitors and third-party suppliers.
As the risk of breaches associated with these groups becomes a board-level issue, so too does the demand for NAC to help mitigate the risk. Most NAC system vendors are also reporting an increase in demand in the small and medium-sized business (SMB) market. This has largely been propagated by media reports of breaches and the potential reputational damage they cause.
It is especially important to assess the risk to the organization from BYOD, the internet of things (IoT), weak access permissions and advanced persistent threats (APT).
Why do you need
Network Access Control?
· BYOD and IoT threats
BYOD and IoT have become key to increasing demand in NAC technology mainly because securely handling mobile devices is a key concern for CISOs tasked with providing secure network access with minimal disruption to end users.
As the line between personal and professional time blurs, end users are demanding to use not just corporate-owned devices, smartphones, tablets, laptops, among others -- but personal ones for business as well. This greatly complicates endpoint and network security for organizations that need to support not just employees connecting devices to the network, but devices from third parties -- e.g., visitors, partners and contractors -- as well.
The addition of IoT into the enterprise workplace has caused NAC vendors to ensure their agentless detection can successfully assess and categorize these devices. This is only likely to increase in the future, with various monitoring systems for HVAC, security cameras and even devices for monitoring staff activity being deployed into offices.
· Delivering role-based network access
While NAC is generally thought of as a security technology that either allows or denies access to the network, one of the major advantages of it is the ability to deliver network access on a granular basis. This can be integrated with Active Directory controls to provide network access only to areas of the network that allow the particular owner of the device to perform their job role.
As most IT managers are aware, managing both Active Directory group membership and network share permissions in a large network is an often insurmountable task and inevitably leads to excessive network permissions. Being able to manage this centrally through an NAC system can allow greater control and flexibility for delivering access to shared folders.
Weak controls on network shares are often a key vulnerability that IT comes across during the network penetration tests. Having NAC products in such circumstances would go a long way toward solving this problem. NAC products either directly provide access to personally identifiable information or provide access to data that allows further enumeration of network resources. For example, If a misconfigured IT share allowed access to passwords for a number of key databases containing customer names, addresses, dates of birth and payment card details, having an NAC system would mitigated the risk posed to this data
· Reduce the risk from APTs
Although NAC does not provide functions that directly detect and thwart APTs, it can stop the source of the threat from connecting to the network. Some NAC systems even integrate with APT detection products and automatically isolate affected systems before attackers can further access the network.
Using the famous example of the attacks against Target in 2013, the original infection occurred when a third-party vendor that sold heating and air conditioning connected to Target's IT network. Hackers targeted the third party, whose connection was in turn used to attack and exploit Target's network.
Using an NAC system would have made it possible to automatically restrict access to the Target network by the HVAC vendor, thereby restricting access that the APT had to corporate data and resources. This would have made it much more difficult for the attack to have the same level of impact it had, saving Target a lot of money and both the retail behemoth and its customers a ton of hassle.
Secure Web Gateway
A secure web gateway protects an organization from online security threats and infections by enforcing company policy and filtering Internet-bound traffic. A secure web gateway is an on-premises or cloud-delivered network security service. Sitting between users and the Internet, secure web gateways provide advanced network protection by inspecting web requests against company policy to ensure malicious applications and websites are blocked and inaccessible. A secure web gateway includes essential security technologies such as URL filtering, application control, data loss prevention, antivirus, and https inspection to provide organizations with strong web security.
What are the Benefits of Secure Web Gateway (SWG)?
- Blocks access to high-risk and malicious websites and applications
- Enforces compliance policies and regulations
- Prevents malware infections and detects infected devices with a multi-layered security architecture
- Provides protection for remote workers by enforcing company security policies, while enabling them to stay connected wherever they may be
How do secure web gateways fit into modern enterprise security architectures?
Online data is evolving, and on-premises and cloud-based gateway security controls are merging. Security companies are providing cloud based secure web gateway services merged with cloud access security brokers (CASB).
For example, as an enterprise user accesses Salesforce.com or Office 365, any transmission of data to these applications can be scanned for malicious code and compared against the user's enterprise security policies. This can help ensure that the data sent is compliant and within the enterprise organization's security policy rules. No unauthorized data is sent, and no malicious data is accepted. As more data is sent to and from cloud applications, the natural evolution of web gateways with CASB is accelerating.
Email security gateway
Secure Email Gateways provide predelivery protection by blocking email based threats before they reach a mail server, whether on-premise or on Office 365 / G-Suite. They protect businesses from spam, viruses, malware and denial of service attacks. The gateway scans all incoming, outbound and internal email communications, including attachments and URLs for signs of malicious or harmful content.
Email Gateways will also offer protection from social engineering attacks such as phishing, or business email compromise. The gateway can check the domain of incoming emails, as well as scan for suspicious content within the email, to stop harmful content from coming into the network. Emails that have been marked as malicious are quarantined or rejected. Some systems allow the quarantined emails to be accessed by admins if necessary.
Alongside blocking incoming threats, Email Gateways will also scan outgoing content. This can help protect businesses from data loss. Many Email Gateways will provide Email Archiving functionality, which stores emails for legal compliance and data management. They will also provide business with Continuity features, which mean that even if their email network goes down, they will still be able to access their emails. Email Gateways will also provide businesses with a management dashboard and a range of reports and analytics. These give businesses visibility into all email traffic in a network. This is important for businesses to gain insights into their network security.
· What are the benefits of a Secure Email Gateway?
Secure Email Gateways offer businesses multiple benefits. They protect employees from email threats like spam, viruses and phishing attacks, which in turn protects businesses. Employees are biggest attack vector for business networks, and email is a prime target for attackers to reach employees. Having a Secure Email Gateway in place allows businesses to improve security for employees by blocking malicious emails, stopping phishing attacks.
Secure Email Gateways also allow businesses to meet compliance needs. Many Secure Email Gateways offer email archiving and encryption that allow organizations to secure their sensitive data and meet compliance needs by storing copies of email for legal reasons. This means businesses can achieve greater security and meet legal compliance.
Secure Email Gateways provide Business Continuity, which means that all email operations can work as normal even if the email client used by an organization goes down. This works as the Email Gateway provider will provide users access to a cloud based email service in the case of an email client like Office 365 being unavailable.