Network Access Control (NAC) Solutions

Network Access Control (NAC) Solutions Overview

What Is Network Access Control?

Network Access Control (NAC) Solutions are network security platforms emphasizing asset usage monitoring and restrictions and protections around sensitive data. They operate as traffic controllers, executing on defined policy and enforcing rule-based restrictions for identity and access management and preventing cross-contamination of critical network components by unsecured endpoints. Total NAC solutions combine hardware appliances with software, and they are often bundled with other networking or security capabilities, such as authentication, incident response, and network monitoring.


Network access control solutions help organizations enforce zero-trust security postures by automatically requiring both valid authentication from the requesting device and authorization from a pre-set list of policies and rules. They are most commonly set up at the network’s edge, but can also enforce policies when devices attempt to access different segments of the network internally. These policies and restrictions can be set based on IP address, device security profiles, or other user identifiers. NAC software is primarily focused on enterprise networks, although there are some products that can serve the SMB market as well.



Network Access Control Use Cases

NAC Solutions are important resources when establishing a zero-trust security posture, particularly at larger organizations. They can also provide additional network visibility. However, there are some newer use cases that modern NAC solutions have focused on serving.


Bring Your Own Device (BYOD) Policies


BYOD has become an increasingly standard, and even expected, policy for employees. However, the policy also creates a host of security risks and potential vulnerabilities. NAC solutions help mitigate that risk by forcing all devices, including BYOD, to prove they have the appropriate login credentials and security postures to gain access to requested resources. Since NAC policies can be heavily customized, it allows employees to bring their own devices without jeopardizing the entire network.


Internet of Things (IoT) Devices

IoT devices are becoming an ever more central part of modern business operations. However, IoT devices require some level of network access, and can be a rampant vulnerability for enterprises. NAC solutions can tailor resource access and permissions for specific devices or classes of IoT devices to give them the necessary access without giving vulnerable access to unneeded portions of the network.


Guest Access

Much like BYOD policies, network guests come with unpredictable security measures and often only need access to specific portions of the network. NAC solutions can give network guests a quality experience on the network while minimizing the risk that guests’ devices could be exploited by malevolent 3rd-parties.


Regulatory/Medical Compliance

NAC solutions can help certain industries stay compliant with data privacy and protection regulations. This is particularly true for medical organizations, who are at the intersection of a highly-regulated industry and exponentially-increasing volumes of at-risk IoT devices.


NAC Solution Comparison

When comparing different Network Access Control solutions, consider these factors:


  1. Scalability: How many endpoints is each product optimized for? Consider both the functional limitations of each product, as well as any pricing tied to scaling, such as the number of endpoints supported.

  2. Policy Customization: How easily customizable are the policy controls for each NAC policies? Consider the routine maintenance and updating that comes with adding on new device classes, increased network complexity, and other new factors that require administrator attention.

  3. Integrations: How well, and easily, does NAC solution integrate with the business’s broader networking and security tools? The main systems that should be evaluated include the business’s existing SIEM, networking monitoring, or endpoint security solutions.


Start a NAC solution comparison here


Network Access Control (NAC) Products

(1-25 of 26) Sorted by Most Reviews

Barracuda CloudGen Firewall (formerly NG Firewalls)

Barracuda CloudGen Firewalls provides a wide range of security and connectivity features, including web filtering, NAC and SSL VPN and other features for remote access, as well as protection as edge devices and IoT security.

SolarWinds Access Rights Manager (ARM)

SolarWinds Access Rights Manager (ARM) is designed to assist IT and security admins to quickly and easily provision, deprovision, manage and audit user access rights to systems, data, and files. By analyzing user authorizations and access permission you get visualization of who has…

Aruba ClearPass

Aruba ClearPass is network access control (NAC) technology from HPE company Aruba Networks. Aruba acquired Avenda and its eTips NAC in 2011.

SAP Access Control

SAP Access control streamlines the process of managing and validating user access to applications and data with minimal support from IT.

Forescout CounterACT

CounterACT is network access control software from ForeScout Technologies in Campbell, California.

Twingate

Twingate allows businesses to secure remote access to their private applications, data, and environments, whether they are on-premise or in the cloud. Built to make the lives of DevOps teams, IT teams, and end users easier, it replaces outdated corporate VPNs which were not built…

Sophos Network Access Control

UK-based Sophos offers Network Access Control technology.

Appgate SDP

AppGate SDP (software-defined perimeter) from Cyxtera Technologies headquartered in Addison is a zero trust network security product.

InfoExpress Network Access Control

InfoExpress in Mountain View, California offers Network Access Control technology.

Auconet Network Access Control

San Francisco-based company Auconet offers Network Access Control.

SecureTrust Managed Network Access Control (NAC)

Chicago-based Trustwave offers Network Access Control technology via the SecureTrust Managed Network Access Control (NAC) solution.

McAfee NAC (Discontinued)

McAfee NAC is discontinued since 2012.

Vidder

Vidder from the company of the same name in Campbell, California, is network access control technology.

CenturyLink Cloud Connect

CenturyLink® Cloud Connect delivers secure, high-performance and virtualized networking functionality to leading public and private clouds — Amazon Web Services, Microsoft Azure, Google Cloud, IBM Cloud, Oracle Cloud Infrastructure and many other leading public and private cloud…

Eltima Serial to Ethernet Connector

Serial to Ethernet Connector is a software product developed by Electronic Team Inc. and has been available commercially for over a decade. The application lets users create multiple virtual COM ports on a machine with no physical serial interfaces. This virtual serial port redirector…

Restorepoint Universal Console

Universal Console acts a single access gateway to all devices, controlling, monitoring and auditing access to network devices and servers. The vendor states that unlike most Privileged Access Management solutions that require weeks or months to deploy, users can start taking control…

Bradford Networks Sentry

Sentry from Boston-based Bradford Networks is network access control technology.

Forescout Platform

The Forescout Platform is a modular network security suite providing real-time device discovery and classification with Forescout eyeSight, and providing extended features as desired for network segmentation, access and security policy enforcement,failover recovery, appliance…

UserLock

UserLock from IS Decisions is a network access control and identity management solution.

ExtremeControl

Extreme Networks offers network access control (NAC) via its ExtremeControl standalone product which is also part of the Extreme Management Center suite of products.

SafeConnect

SafeConnect is network access control technology developed by Impulse Point in Lakeland, Florida and acquired by OPSWAT December 2019.

Ivanti Policy Secure (NAC), formerly Pulse Policy Secure

Ivanti Policy Secure (NAC), formerly Pulse Policy Secure (PPS) is a NAC that enables organizations to gain visibility, understand their security posture, and enforce roles-based access and endpoint security policy for network user, guest and IoT devices. Leveraging core network, mobile…

Portnox Access Layers

Access Layers from Israeli company Portnox is network access control software.

Steel-Belted Radius Carrier (SBR Carrier)

SBR Carrier is a standards-based AAA server that enables service providers to integrate their business intelligence into the network infrastructure, from Juniper Networks. It supports a range of access methods, including VPN, xDSL, FTTH, dial-up, 3GPP, WiMAX, UMA/Femtocell, and WLAN…

FortiNAC

FortiNAC is an IoT security and network access control solution that provides the network visibility to see everything connected to the network, as well as the ability to control those devices and users, including dynamic, automated responses.

Frequently Asked Questions

What does NAC stand for in networking?

NAC stands for “Network Access Control”.

What does Network Access Control do?

Network Access Control solutions let enterprises control whether each device/endpoint can access the network and what level of access/resources each device can get.

What is a Network Access Control List?

A Network Access Control List (NACL) is the set of policies and rules that determine what network access each device gets.

Why is network access control important?

Network Access Control is important to maintaining a zero-trust security posture. It is particularly crucial to securing the network against IoT and BYOD vulnerabilities.

Who uses NAC solutions?

NAC solutions are most commonly used by enterprises, particularly large enterprises, who need the centralized network policy management at scale.