What is Identity?
Larry Edie & Annie Ballew

Outline
◦ Visibility
◦ Forms of Identity
◦ Network Access Control (Cisco)
◦ Why is Identity Important?
◦ Network Access Control
◦ The Future of Identity

Visibility
Who are your users?
What do you know about your users?
How can you cost-effectively manage this information?
How can you use this information to enforce policy?

Forms of Identity
User Based Identity
  ◦ Active Directory
  ◦ LDAP
  ◦ Tokens
Machine Based Identity
  ◦ Certificates
  ◦ Machine accounts
Identity based technologies
  ◦ 802.1x
  ◦ Remote Access VPN
What else?

Network Access Control (Cisco)
[Diagram: THE GOAL. Components shown: NAC Server, NAC Manager, Authentication Server, Quarantine Role, Intranet/Network.]
1. End user attempts to access network
  ◦ Initial access is blocked
  ◦ Single-sign-on or web login
2. NAC Server gathers and assesses user/device information
  ◦ Username and password
  ◦ Device configuration and vulnerabilities
3a. Noncompliant device or incorrect login
  ◦ Access denied
  ◦ Placed to quarantine for remediation
3b. Device is compliant
  ◦ Placed on “certified devices list”
  ◦ Network access granted

Why is Identity Important?
Regulatory Compliance
  ◦ PCI
  ◦ FISMA
Reducing Risk
Forensic Analysis

Network Access Control
Why would we need NAC?
  ◦ You know who your users are, but do you know what they are carrying into your network?
What are the implications of NAC?
  ◦ What are the maintenance implications?
  ◦ How does this affect business productivity?
Deployment Considerations
  ◦ What solutions are available?
  ◦ Is it a worthwhile investment?

The Future of
Role Based Access Control
Future of NAC
What does Identity mean for future technical paradigms, such as IaaS, SaaS, and PaaS?