UnixReview.com
January 2007

Book Review: Cisco Network Admission Control Volume II: NAC Framework Deployment and Troubleshooting

Cisco Network Admission Control Volume II: NAC Framework Deployment and Troubleshooting
by Jazib Brahim, Omar Santos, and David White, Jr.
Cisco Press, 2007
ISBN: 1-58705-225-3
$60.00

There is a dream that every security administrator has, and that is to have a network that is self-defending. While great strides have been made toward reaching that dream, it is still a long way from reality. Until artificial intelligence becomes a true reality (and not a novelty), there will always be a need for an active administrator to stay on top of threats and respond to them accordingly.

All too often, threats are thought of as external only — the evil hacker trying to break in for nothing other than committing malicious acts. The truth of the matter is that internal threats are often more real and more malicious in nature. Disgruntled employees, underappreciated managers, and luddites all possess the potential to do great harm to your network and its data, and they have the advantage of already being "trusted."

Network Admission Control (NAC) is one of Cisco's security solutions that serves as a step toward the self-defending network initiative. It constitutes a framework intended to keep your system safe from internal (as well as external) threats by enforcing security at all levels — forcing patching policies, regulating permissions, and so on.