网络准入控制案例.pdfVIP

Network Access Control: Case Study Gaurav Saxena, D.Sarkar, N.C.Samanta, C.D.Datta, Tapas Samanta, P.S.Roy, Somesh Soni Presented by: Gaurav Saxena, Computer Informatics Group, VECC, Kolkata SACET09, October 28-29, 2009 Network Access Control (NAC): Case StudyNetwork Access Control (NAC): Case Study  Introduction  Aim for NACAim for NAC  NAC Components  PacketFencePacketFence, an open source NAC an open source NAC  Case Study: VECC LAN  Getting StartedGetting Started  PacketFence Implementation  Custom VLAN Assiggnment Function  Working SACET09 October 28-29, 2009 Network Access Control: Case StudyNetwork Access Control: Case Study  Introduction  Aim for NACAim for NAC  NAC Components  PacketFencePacketFence, an open source NAC an open source NAC  Case Study: VECC LAN  Getting StartedGetting Started  PacketFence Implementation  Custom VLAN Assiggnment Function  Working SACET09 October 28-29, 2009 IntroductionIntroduction  NAC is a way to apply access control policy inside the network, and forces its users to comply with policy before gaining access to the networknetwork.  For eg.  “Only registered users, from registered devices, having OS patch level 2 ((Windows Vista)) with antivirus uppdated, are allowed to access wired network from Main Building”.  The basic concept behind is “Who you are should govern what you are allowed to do on the network ”. It is a “user focused”, “networknetwork-basedbased”, “access controlaccess control”.  For eg.  “Who you are” refers not only to the user credentials but also on factors such asfactors such as Authentication + Endpoint- Security + Network Environmental Information.Information.