Category

Our Technology

What is Network Access Control (NAC)?

By | Cloud Security, IoT, Network Access Management, Network Security, Our Technology, Threat Detection and Response | No Comments

An Examination of NAC, its Use Cases & its Future

Network Access Control (NAC) sits within the larger field of cybersecurity, and more specifically network security. It is a technology that enables organizations to enact its own unique policy for how and when endpoints (desktops, laptops, smartphones, etc.) can connect to their corporate networks. NAC solutions are typically designed to allow IT security teams to gain visibility of each device trying to access its network, and specifically the type of device and access layer being used (i.e. wifi, wired ports, or VPN).

Today, NAC provides a number of powerful features on top of what it was originally designed for nearly 15 years ago. These include security posture assessments for endpoints, which pinpoints any associated endpoint risks, allowing network security administrators to control network access based on their organization’s risk tolerance threshold.

With the rise of cloud computing, remote workforces, bring-your-own-device (BYOD) policies, and the internet of things (IoT), network access control has become a much more critical part of the larger cybersecurity technology stack at most companies. The technology itself has also evolved quite drastically in response to these emerging trends and their impact on networking and ensuring network security.

Expanding networks makes cloud based access control more important than ever.

The use cases for NAC today are constantly expanding. Network security professionals leverage NAC solutions for network visibility, the discovery of endpoints, security profiling, compliance enforcement, remediation…the list goes on. In general, NAC is designed to do two core tasks: 1) authenticate the endpoint trying to connect to the network, and 2) authorize access based on authentication and posture assessment.

Throughout this piece, we will examine how NAC is being used out in the real world, things to consider when defining your NAC policies, the best way to invest in NAC, and more. Feel free to skip to any section using the links below:

The Value of Network Access Control

Network access control delivers a host of benefits to the organizations that deploy it. Generally speaking, the value unlocked by NAC can be broken into three distinct areas of focus: 1) operational need, 2) security best practices, and 3) regulatory compliance.

A network access control system can be leveraged for a number of operational purposes.

Operational Need

One of the most interesting aspects of NAC is the fact that unlike many other areas of network security, it brings more than just the value of security to the table. In particular, NAC delivers three core operational values:

  • Device Onboarding – Properly connecting and removing new non-managed devices to/from the network.
  • Guest / Contractor Access – Securely granting limited access for third-parties connecting to the network, either for short or long periods of time.
  • Asset Profiling – Identifying which devices exist in your organization and where they are connecting from.

Security Best Practice

The importance of network security goes without saying. Network access control, however, checks the boxes for a variety of IT security best practices, including:

  • WiFi Security – Nearly 20% of SMBs experience a data breach by a former employee who still has WiFi access…make sure you can control all WiFi connections.
  • VisibilitySee all devices on your network – no matter device type, location, or access layer used to connect.
  • Containment – The ability to quarantine, block, or provide limited (guest) access to endpoints that do not meet your internal risk policies.
  • Asset Profiling – see above.

Regulatory Compliance

Highly regulated industries like banking, financial services, and healthcare require strict compliance policies when it comes to their networks. NAC helps to deliver this and more through:

  • Posture Assessment – Continually assess the risk posture of connecting devices across the network, no matter location or access layer.
  • Port / Wired Security – Ensuring no un-trusted device can physically connect to the network via wired ports in the office.
  • Segmentation – Properly directing employees into their respective departmental VLANs, or pushing visitors to the guest network.
  • WiFi Security – see above.

Individual Use Cases for Network Access Control

Within each of the three primary areas of value of NAC are a variety of different use cases for NAC. These include…

Device On-Boarding

NAC is frequently used for device onboarding, which is the process of providing new devices with access to the corporate network for the first time. It sounds simple, but it’s anything but. Business units and even departments (think Finance & Accounting, for example) often have their own VLANs since they’re dealing with very sensitive, confidential data.

Network access security is evolving as companies become more and more distributed.

The task of setting up such VLANs and onboarding new devices is just one of dozens of tasks overseen by frequently overburdened IT teams. So, if not done correctly at first, it can open the door to potential network vulnerabilities, such as a person gaining access to a part of the network he/she should not have the privileges for.

At a small scale, managing access manually if often sufficient. For larger organizations, however, this just isn’t sustainable. As a result, many large organizations that don’t have a secure onboarding process will often compromise on network security hygiene.

Guest Access

At some point in the workday, most companies will have non-employees visiting their offices for meetings and business dealings. These guests are typically on-site for brief periods of time but may need wifi access during the course of their stay.

Typically, each organization defines the level of authentication and monitoring they want for their visitors. Common policies include:

  • Disclaimer Only – Notifying the rules for which they might need to abide while using the company network.
  • Pre-Generated Username & Password – Simple authentication for better control of whom is connecting the network
  • Sponsorship – Authentication based on an individual working for the organization. Usually, the sponsor will receive an email to approve the connected guest.

Many organizations offer a guest network, where day-to-day visitors are directed. This approach effectively eliminates the most common threat – someone that is just looking to be connected to the internet. The most common way to implement network access for guests is through the use of a captive portal.

Contractor Access

Additionally, many businesses hire contractors or consultancies to tackle specific projects. These individuals and groups will need network access for extended periods of time and will need to be granted access to company resources and sensitive, proprietary data. NAC is used to dictate and enforce the level of access these types of individuals receive based on internal policies.

BYOD

In recent years, remote work has soared due to a greater demand for mobility and flexibility. This has given rise to the adoption of bring your own device (BYOD) policies within many organizations. Now, while this approach makes operational (and even financial) sense, it does come with a caveat. By allowing employees, contractors, and guests alike to use their own devices to connect to the network, you’re immediately faced with issues like data leakage, malware infections, the mixing of corporate and personal data, and more.

To secure network access, you need to understand how your organization uses devices.

With BYOD, a network access control solution can effectively secure such a fragmented network through multiple methods of authentication, and by making sure device risk posture is valid and continuously remediating any security issues in real-time. First, network security administrators can use a dedicated SSID for employee device authentication – no matter if it’s managed or personal. They can then create a separate SSID for guests and contractors to authenticate those individuals to the guest wifi.

The other option available for authentication is through the use of directory credentials. Integrating tools like Okta or Active Directory with your NAC can allow you to authenticate manage corporate devices through certificates, and personal credentials for BYOD.

Captive Portal

Captive portal is a web page for authenticating users and verifying their device type and posture state. While this method is sufficient for visitors, it is an insufficient solution for employees or permanent visitors on your network. The most common use cases for captive portal are:

  • Guest access
  • Self-service portal for BYOD / IoT on-boarding

It’s important to note that this is an interactive method to access the network, so when non-interactive devices, such as IoT are “pushed” to a captive portal, they can not react and thus can not gain access to the network. In order to use IoT onboarding with a captive portal, the end-user should either register the IoT in the self-service portal or download some form of credentials to be inserted to the IoT device (such as a digital certificate).

Remote Access

For fully remote employees or contractors, companies have traditionally relied on VPNs to establish secure encrypted connections for remote access to the corporate network. A VPN does not stop an endpoint from accessing the network, however – it’s only a way of providing remote network connectivity. By itself, a VPN is missing the ability to authenticate a user – it can not prevent “unhealthy” devices from connecting to the network.

In the instance of remote access, NAC can be layered over the top of a VPN, VDI or other remote access methods, such as a Meraki Z3 Teleworker Gateway, to provide effective authentication and access control, as well as endpoint risk profiling – just like any other access layer (i.e. wifi or wired port).

Device Risk Posture Assessment

Your corporate network is only as strong as its weakest security link. This means continuous risk posture assessment is paramount. By continually monitoring the network, your network and security teams can stay ahead of cyberattacks with the ability to identify new risks in real-time, react to these risks, and take action. In a world with ever-expanding boundaries and an exponential increase in types of endpoints, continuous risk posture assessment must function no matter location, device type, or the type of data is being transferred.

Endpoint Remediation

Having a rapid remediation plan in place will not only help prevent further damage or the lateral spread of attacks but also allow for business continuity. Effective endpoint remediation consists of:

  • Automated Patch Updates Across the Network – Enforce necessary patch, anti-virus, operating system, and application updates across managed and unmanaged endpoints.
  • Immediate Incident Response – Contain ransomware events by remotely disconnecting endpoints from the network without the need for manual intervention.
  • Armed Incident Response Teams – Arm IT professionals and network admins with the ability to remotely take actions on employees’ devices.

The proliferation of IoT devices over the last decade has prompted a growing number of network security concerns. With all of these devices – printers, CCTV cameras, ATMs, MRI machines, etc. – now connected to their respective networks, it’s exponentially expanding corporate threat surfaces.

A NAC solution can be used to control the access of IoT devices.

To combat the many risks posed by these new endpoints, companies are turning to NAC to gain visibility, knowledge, and control over IoT devices – much the same as traditional PCs and VoIP phones based in the office. There is a huge variety of IoT devices, and in general, there’s a serious lack of centralized management with regards to their security posture. Many of these IoT devices still rely on IT security technology from the 1980s, with no password brute force controls and no available patches.

It’s not a question of if vulnerabilities exist on IoT devices, this is a given. Today, it’s a matter of ensuring these devices can be properly controlled to they can’t compromise the network. Currently, the only line of defense is segmenting them out of the network. Making sure only authorized users and devices can access them – this is exactly what NAC solutions are doing in an automatic method.

Regulatory Control

Industries like banking, financial services, and healthcare are typically subject to a plethora of compliance regulations, such as SOX, HIPAA, PCI-DSS, GLBA, and now GDPR. Embedded in many of these regulations are certain network security parameters that necessitate access control so that sensitive personal and confidential information is not compromised.

Once a company has defined its internal network security compliance policies, it needs to implement a network access control solution to put in them into effect in order to continually assess its compliance standing.

Compliance

NAC is used to enforce regulatory policies and maintain compliance across the organization. In practice, this typically means:

  • Understanding how mobile, BYOD, and IoT devices will affect and transform not only the organization but the industry and implementing the right processes and tools control them.
  • Tracking any network related device or program in real-time via a centrally secured platform providing full and actionable visibility.
  • Controlling access to the network and to cloud applications, even based on the geographical locations of users.
  • Ensuring that the business is in compliance with governmental regulations like SOX, PCI DSS, HIPPA, FINRA, FISMA, GLBA among others. Strict compliance will provide legitimacy with clients and partners.

Common Network Access Control Policies

Access Control Policies

Network security teams define and activate access control policies to control device access to the corporate network, which is ultimately based on the device authorization state. Once a device is authorized for network access, a network access policy determines which specific virtual LAN (VLAN) that device or user is directed to. On top of that, the policy also defines, for each type of authorization violation, whether to deny entry or whether to quarantine the device by assigning it to a specific VLAN or apply an ACL.

Risk Assessment Policies

In addition to defining an access control policy, network administrators will typically define a risk assessment policy, which assigns a risk score to each device. This score will indicate the level of risk posed by the device. Depending on the NAC solution in use, these risk scoring systems may differ. A risk assessment policy defines, for each device attribute (such as OS, security posture, geo-location, and more), the risk rating to apply if the device violates the current policy in use. At the end of the day, the risk score is used to determine whether allow, block, or quarantine from accessing the network. This is the backbone of NAC.

Remediation Policies

In some instances, the network security team may define a series of remediation policies. Essentially, a remediation policy consists of unattended corrective and preventive actions (CAPA), automatically applied to devices upon every transmission or on a recurring basis. A remediation policy can be used to reduce devices’ risk scores and increase compliance levels for network access.

Common Network Access Control Concepts

Post-Connect vs. Pre-Connect

Within the world of network access control, “post-connect” refers to a device being allowed to connect to the network and immediately being checked for authentication. If a device does not meet the organizational criteria for authentication, it will be blocked from having access to the network (or access will be limited).

In contrast, “pre-connect” means that authentication decisions are being made before a device is allowed on the network. Only once the device is authenticated will it be granted access to the network based on the policy. 802.1X is a traditional pre-connect method.

In general, a pre-connect approach is more secure since the device is granted access to the network only after identified as an organizationally trusted device. Post-connect is more operational for end-users, as they are granted access to the network before a decision is made.

Agent-Based vs. Agentless

Today, most NAC solutions can perform authentication and authorization without the need of an agent. Agents are typically employed for the following reasons:

  • Risk Posture Assessment – This mainly the case for companies with BYOD policies.
  • Remediation – In order to know if a firewall or anti-virus is out-of-date, you must have an agent.
  • On-Boarding of Unmanaged Devices – Again this mainly applies to BYOD.

In some cases, the agent does not need to live within the network access control solution. Rather, third-party agents such as mobile app management software (MAM/MDM) and services can be leveraged to execute the above functions.

Cloud NAC vs. On-Prem NAC

As we go into further detail below, if you can move NAC to the cloud, you should. There is a myriad of benefits to doing so. At a high-level, these include operational time savings thanks to easier deployment and less on-going maintenance, better accessibility (especially for distributed enterprises), more flexibility as your business needs change, etc. In general, enterprises are increasingly adopting purpose-built cloud technologies for different operational needs, and NAC is no exception.

Not every organization has the ability to deploy a cloud NAC solution, however. One of the main hindrances of doing so is a lack of openness or internal expertise for cloud services. There still remain dwindling concerns, misconceptions and unrealistic expectations over the potential benefits and overall security of public cloud services, which has resulted in some industries such as government agencies, healthcare, and education – to name a few – to be slow in adopting new enterprise cloud technologies.

Passive Profiling vs. Active Profiling

A core function of NAC is the profiling of network traffic and connected devices. In general, there are two approaches to profiling: 1) passive profiling and 2) active profiling.

Passive profiling means that a company’s NAC solution has been allowed to see all traffic across the network, and uses this intelligence to observe and analyze traffic to develop a passive profile of each device. On the other hand, active profiling means that a company’s NAC solution has been configured to initiate requests to the endpoints so that each device can have a profile created for it.

Must-Have Network Access Control Solution Capabilities

Full Access Layer Coverage

As today’s networks explode in size and scope, particularly with remote workforces on the rise, it’s imperative that your NAC solution can manage access control across all existing access layers. This includes the obvious – wired ports and WiFi. It also must be able to manage the various remote access methods used within your organization. These may include VPN, virtual desktop infrastructure (VDI), Meraki Z-Series Teleworker Gateways, and beyond.

Network access control solutions must cover wired ports, wifi and VPN.Cloud-Delivered

Nearly primary management and productivity tool used by businesses have shifted to the cloud. Network access control is no exception. The inherent productivity, operational, economic, and accessibility benefits have driven this trend in the last fifteen years.

When it comes to NAC, however, there is a big difference between cloud-based and cloud-delivered. Some NAC providers offer an accessible cloud-based platform from which to manage network access, but this typically still requires on-site hardware to be installed. With a cloud-delivered approach, you stand up everything from a RADIUS server in the cloud to allow for centralized authentication and authorization up to certificate authority. This saves a significant amount of time and means that even large distributed organizations can implement NAC across their many locations in a fraction of the time as traditional on-premise network access control solutions.

802.1X Authentication

Today, 802.1X is the standard protocol for network access control. When searching for a NAC solution, the ability of the system to deliver 802.1X authentication is of the utmost importance. With access control based on 802.1X, network administrators can confidently block rogue devices, quarantine noncompliant endpoints, limit access to specified resources – whatever your internal policy calls for. 802.1X remains one of the best ways to authenticate devices because of its continuous and direct communication, in contrast to post-scanners, or other less secure authentication solutions that expose the network to vulnerabilities.

Zero-Trust for Endpoints

While “zero-trust” has become another overused buzzword in the world of network security, it is, in fact, an effective approach to sealing your network off from rogue devices. With zero-trust, an organization inherently does not trust any endpoint inside or outside its perimeters. A zero-trust network access control solution can eliminate the need for extensive endpoint scanning since the status of a device is already known. This doesn’t eliminate all of the attack surfaces, but it does help in protecting both endpoints and your network.

Endpoint Risk Assessment

The ability to continuously assess the risk of devices connected to or trying to connect to your network is paramount. Understanding the risk posture of devices – on-site or remote – and proactively taking action based on endpoint risk – such as allowing, quarantining, or denying access across access layers – is the best way to ensure network threats are kept at bay.

The world is changing – threat surface is expanding, and companies are increasingly turning to purpose-built enterprise cloud applications to streamline business processes. Today, it’s not enough to just protect what’s on-premise – you need to know the risk posture assessment of every device that connects to corporate resources, no matter location.

Continuous Device Remediation

Awareness is only a piece of the puzzle, however. When considering a NAC solution, it’s important to understand if it can easily remediate devices that sit outside of internal risk policies and restore those devices to the proper posture to eventually grant network access. Put simply, ensuring devices are healthy reduces security risk. That means network administrators can sleep a bit more soundly at night.

As we covered earlier, real-time device remediation has a major operational benefit as well – it saves time! By eliminating the need for network or security administrators to fix devices manually, you’re freeing them up for more important tasks.

Corrective & Preventative Action (CAPA)

Risky technology behavior like inserting an untrusted USB drive, or failing to update a firewall or anti-virus is prevalent. We’re almost all guilty of it. The ability to prevent this risky behavior is thus important. Not just for the sake of lowering the exposure time, also saving important time for the organization by fixing the issue automatically and preventing a potential breach.

Multi-Factor Authentication (MFA)

Leveraging MFA for NAC that looks at a user’s credentials and an enrolled device is critical to ensuring access control across today’s expanding networks. MFA should be integrated within your NAC, especially on remote access. This approach ensures that security is offered on two levels: protection of the user identity, and authorization of the device – making sure only managed and secure devices are allowed to gain access. With MFA, if a user’s credentials are compromised, they’re effectively useless and if the device being used is not enrolled with the NAC you cannot access the VPN, VDI, or cloud applications.

The Future of Network Access Control

NAC and the Rise of SD-WAN

The adoption of Software-as-a-Service (SaaS) and cloud services has decentralized data traffic flows, making Multiprotocol Label Switching (MPLS) inefficient for wide area network (WAN) transport. This has given rise to SD-WAN for the implementation of software-defined branch (SD-branch), now allowing IT environments to be extended to branches outside of the headquarters that need high-quality network connectivity.

NAC security is evolving with the rise of SD-WAN.Traditionally, in order for NAC to effectively operate, it has needed a direct connection to headquarters and appliances deployed on-site at individual branches. This is a costly, time-consuming endeavor, and has historically limited the use of SD-WAN and SD-branch. NAC has adapted by moving to the cloud, eliminating the need for on-site appliances and on-going maintenance. Now, all one needs is an internet connection to implement.

The Impact of Secure Access Service Edge (SASE) on NAC

In 2019, Gartner introduced SASE as a new enterprise networking technology category. In essence, SASE converges the functions of network and security solutions into a single, unified cloud service. This marks an architectural transformation within the realm of enterprise networking and security, and it means that IT teams can now deliver a holistic and flexible service to their businesses.

Network visibility solutions must take SASE into account.The logical next step in the evolution of network security is for organizations to be able to leverage a NAC solution that’s delivered as a cloud service. This eliminates the need for costly on-site appliances and on-going maintenance. Now, all that’s needed to control network access at branches and the headquarters alike, is an internet connection.

frost and sullivan

Portnox Named Network Access Control Market Leader for Midsize to Large Organizations by Frost & Sullivan

By | Our Technology | No Comments

“Easy NAC”… Easier said than done?

As you know, the enterprise network no longer sits within traditional and secured walls in offices. The enterprise intellectual property, data bases, workflows and communications have been moving in a perimeter-less environment for a while now, extending to any place where employees and data travel. Mobility, digitization, and IoT have changed the way we live and work, resulting in ever expanding networks and increasing complexities in resource management and disparate security solutions.

The fact that organizations are decentralizing has made it more important than ever to have solid network security and controls for every endpoint, no matter which access layer is being used to connect with the network. For this reason, having centralized and software-based network access controls (NAC) are more important than ever. No matter where your employees are connecting from and through which devices, no matter which contractors or guests are requesting access; IT security teams can now offer smooth continuity of workflows and productivity while maintaining full visibility and implementing security-controls on any endpoint accessing the enterprise network.

Simplicity.

Over here at Portnox, we must take all of the latest changes to the network into consideration as we continue to innovate and craft our solutions. It helps that the main focus point at Portnox has always been to deliver a simple experience to the end-user as well as the IT administrator. Portnox solutions simplify onboarding, operations and maintenance by offering simplified architecture in a centralized, software-based solution for easy deployment and management. Our team does not deal with physical appliances but rather delivers software solutions – whether using the on-prem or cloud options. All solutions function across all access layers, providing 100% coverage and visibility of the network and continuous risk-monitoring.

For these reasons, among the main NAC vendors, Portnox has been named the leader for network access control products in the category of midsize to large organizations with a 22% market share by global research firm Frost & Sullivan. In the new report, analyst Tony Massimini said: “Portnox’s simplified architecture, which supports both 802.1X authentication and SNMP based control, sets it apart from competitors.” A full copy of the report is available here.

The Frost & Sullivan report highlighted several Portnox innovations, including:

  • Agentless architecture (but includes optional agent) for specific use cases, including continuous risk monitoring for roaming devices, remote access and cloud access.
  • Vendor agnostic design that connects directly to network infrastructure equipment via native protocols
  • Support for both 802.1X and non-802.1X devices
  • Powerful RESTFul API which enables customers to automate threat response workflows
  • Unique, profiling (fingerprinting) technology

Managed Service Providers (MSPs) and Managed Security Service Providers (MSSPs).

Oftentimes, SMB to Large organizations turn to Managed Service Providers and Managed Security Service Providers (MSP/MSSPs) to handle their cyber security protective services.

In reviewing the key factors to growth in the NAC market in 2018, the report cited, among other things, the severe shortage in skilled security professionals that challenges all organizations, but more so the SMB-to-large segments than large enterprises. Next-generation NAC provides tools to offload many of the functions and automate workflows, thereby helping these organizations to overcome this shortage in skilled IT security professionals. At the same time, NAC will insert great relief to the many overworked and busy IT teams that are handling Network security and administration responsibilities.

This same automation and ease is extended to the management of customers by MSP/MSSPs. Portnox offers convenient and scalable NAC as-a-Service that allows MSP/MSSPs to serve their customers quickly, to keep track of what they are using and to handle growing organizations efficiently.

Vision

No matter the circumstances of the organization, Portnox is proud to offer a solution that is flexible and simple enough for anybody:

  • On premises Vs. cloud-delivered network security platforms
  • 802.1x protocols Vs. non-802.1X systems
  • Agentless Vs. agent (based on use case)

Read all about it in the full report available here

Here’s to a secure, productive and prosperous 2019!

throwing money away

Stop Tossing Money Out of the Window and Start Investing in NAC as-a-Service from the Cloud

By | Our Technology | No Comments

Tired of bleeding waterfalls of money with your old on-premises NAC solution (Network Access Control)? At the end of the quarter, it is hard to ignore that the indirect and hidden fees that some companies charge make up a big chunk of change in the expenditure associated with old legacy solutions.

When was the last time you bought an on-prem (on-premises) application for your organization? Most CIOs and CISOs have seen their share of large-scale on-prem technology implementations, maintenance and software upgrades with (typically) a high overhead for the enterprise. Most will testify that the strategy of using technologies delivered from the Cloud has had significant cost-savings and operational efficiencies. So now that you have decided that your company should apply a NAC solution ASAP (always a responsible idea), you should consider the cost savings with NAC delivered from the Cloud and as-a-Service Vs. the higher expenses with most older on-prem NACs.

When reviewing the total cost of ownership required for on-prem NAC technologies (based on published methods of calculating them), one finds that with on-prem NAC there are typically large capital outlays to:

  • Purchase servers
  • Data-centers
  • Hardware
  • Software
  • Appliances
  • Implementation fees
  • Training fees
  • Labor (you need an IT staff to be able to manage an on-prem solution)
  • Customer support
  • Software updates and upgrades

This unfortunately places a strain on company finances and cash-flow, as well as taking away from other more mission critical initiatives. In a Cloud environment the cost is typically an OPEX (Operating Expense) amount paid and expensed monthly. This category of business expense is easier on the company’s pocket book and allows cash reserves to be used for more critical business initiatives and investments, while at the same time there is not a long term commitment required to get started.

UsinNAV saving Calcg NAC as-a-Service Cloud solution eliminates many CAPEX costs (Capital Expenditures) as well as substantially reducing the monthly operational costs. The NAC as-a-Service option will also shorten the lead-time required to roll out the technology, providing yet another avenue of cost savings as your time and your team’s time is worth money. Additionally, your team members will be focused on more value-added projects thus increasing the company’s efficiency and bottom line profits. Altogether avoidance of the costs attributed to the hardware, the floor space, heating and cooling, the equipment and the staff required to support and maintain on-prem NAC could be enough right there to decide to use NAC as-a-Service from the Cloud.

And the best part? Your CIO and/or CISO does not have to spend a lot of time and effort on due diligence or planning a strategy. He/she can pick a small pilot and go. There is nothing to lose and everything to gain. Did we mention that the company can cancel and walk away at any time?

Don’t take anybody’s word for it – check the cost-savings out for yourself via this easy to use cost- savings calculator. The benefits are tremendous, and in the end, your easy step forward into NAC as-a-Service from the Cloud will be well worth it.

Employees Working All Over The World? Learn How to Protect Your Network from the Cloud

By | Cloud Security, Our Technology | No Comments

Every enterprise has a different pain point when it comes to security, whether it employs a large remote workforce or the company operates at a global scale. According to a survey by Gallup, 37% of U.S. workers have worked from home, which is up from 9% in 1995. This trend in an agile employee base allows companies to be competitive with one another when hiring talent, but it is leaving back doors and heightened risks to your network. With the right technology, companies can control access to its networks in any region and from any device.

Here are two use cases where NAC as-a-Service helps organizations control its network security. You can read more in the NAC-as-a-Service eBook.

Enterprises with Remote Workforces

As companies adopt work from home policies, it is raising security concerns for IT departments. Remote workers and co-working spaces aren’t just for startup entrepreneurs anymore. In fact, Fortune 500 companies like GM, GE, IBM and Microsoft all rent office spaces from WeWork. According to Gallup, the average U.S. employee works remotely at least two days a month. 9% of those polled work from a remote location for at least ten days a month, whether that is from their home office or a more public location.

Remote employees often connect to wireless networks that are also being accessed by other individuals whether the employee is at a coffee shop or traveling using their hotel’s guest Wi-Fi. Many companies require remote employees to authenticate their devices via a virtual private network, but enforcing VPN policies can be difficult. Using these connections may leave back doors open for hackers into the enterprise’s network.

With NAC-as-a-Service, IT departments gain visibility into their network endpoints from the cloud, giving network administrators the contextual knowledge to be confident their data and networks are secure. With strong authentication credentials, NAC as-a-Service prevents unauthorized access.

Global Companies Looking to Minimize Risk

With the growth of BYOD, IoT and companies scaling their business globally, the need to control network endpoints and streamline security practices for the network is higher than ever.  Managing global networks with multiple regional offices can be daunting. With global corporations like GE, IBM, and Microsoft encouraging co-working spaces more IT departments are sitting down to minimize the potential risks to their network. If a vulnerable device is attempting to join the network at a regional office or a shared office space like WeWork, it may put the entire global network at risk. Many traditional NAC solutions are on-premise and some regional offices may have differences in their security policies. Streamlining these policies are crucial, and with a cloud NAC solution there is no requirement for any hardware or complex installation, and can, therefore, be streamlined across a global network from the cloud.

Whether you are managing regional offices or your IT department is authenticating your work at home employees, with NAC-as-a-Service small businesses and large enterprises can monitor their risks and secure entire networks with ease. Portnox CLEAR works to put IT department’s minds at ease with NAC via the cloud whether your company works at a global scale or you are retaining a large remote workforce.

Interested in reading more about the next generation of NAC? Read our NAC-as-a-Service eBook.

nac as a service webinar

NAC as-a-Service: What it means and how it works? – Webinar

By | Our Technology | No Comments

Watch our webinar to find out what NAC as-a-Service is, how it works and how your company can benefit from it.

As we all know, NAC has been around for a while, but NAC as-a-Service, offered from the Cloud, is the new word in the market. It is true that NAC as-a-Service is still just starting out, but with the demand for current solutions, like our Cloud NAC solution, Portnox CLEAR, it’s clear that organizations are ready to take the leap and start securing access to their networks with an agile cloud-based solution.

So what is NAC-as-a-Service?

NAC-as-a-Service offers all of the same features and capabilities of an on-premise or appliance-based NAC solution with the agility, flexibility and ‘always-on’ benefits of a cloud service. This means that deployment and integration with the corporate network is a seamless zero-touch process, similar to accessing other cloud services, and the pricing model is subscription and use-based – you only pay for the endpoints you need to secure.

That is not all. NAC-as-a-Service is a one-of-a-kind offering in that it enables the strength of what used to be considered the impossibly complex 802.1X authentication protocol, from the cloud as-a-Service. By enabling 802.1X from the cloud, everything is already pre-set up and so organizations can extend strong authentication across their risk-based perimeter and to every location – on and off premise – even at the beach! It is that easy!

With NAC-as-a-Service, controlled access inherently means controlling organizational exposure to digital business risks.

Check out our webinar to learn more about NAC-as-a-Service solution and how your organization can benefit from it.

Try Portnox CLEAR Now!

Portnox Wins Two Cybersecurity Excellence Awards

By | Cloud Security, Network Access Management, Network Security, Our Technology | No Comments

We’re excited to share that Portnox won the Cyber Security Excellence Award in two categories, including:

  • Silver Winner for Most Innovative Cybersecurity Company: Portnox
  • Bronze Winner for Cloud Security category: Portnox CLEAR

“Congratulations to Portnox for being recognized as a winner in the Most Innovative Cybersecurity Company and Cloud Security categories of the 2018 Cybersecurity Excellence Awards,” said Holger Schulze, CEO of Cybersecurity Insiders and founder of the 400,000-member Information Security Community on LinkedIn that organizes the awards program. “With over 400 entries in more than 70 categories, the 2018 awards are highly competitive and all winners truly reflect the very best in today’s cybersecurity industry.”

The 2018 Cybersecurity Excellence Awards are an annual program that recognizes products, companies and individuals that exhibit innovation, excellence and noteworthy leadership in the information security space, based on the strength of their nomination and the popular vote from members of the Information Security Community.  You can find Portnox listed among the winners here.

Read more about Portnox CLEAR, Cloud NAC solution or simply Try it Now!

2018 Top Cybersecurity Events Not to Be Missed!

By | Cloud Security, IoT, Network Access Management, Network Security, Our Technology, Threat Detection and Response | No Comments

You want to stay ahead of the game? The following list of cybersecurity events will help … and they are fun too!

Whether you are a security professional, software developer, security administrator, or any other role in the IT security fields, attending a conference is a great way to network with other professionals and learn about the hottest market trends, new developments, improvements, innovation and information.

Plenty of great cybersecurity conferences are coming up in the months ahead and the Portnox team will attend several of these. We’ve identified these top cybersecurity events that should be on your list. Check them out and update your calendar!

Cybertech Israel

January 29- 31, 2018
Tel Aviv, Israel

The event is positioned as a global meeting place, featuring representatives from organizations of all sizes, from multinational corporations to emerging startups. There will be a special pavilion for startups, as well as a competition in which entrepreneurs will present their ideas to a panel of international judges. Topics under discussion during the conference include the Internet of Things (IoT), big data and Finsec New in 2018 is a sister conference and exhibition, AutoTech, focusing on the future of smart mobility and the automotive.

Oracle CloudWorld

February 16, 2018
New York City, USA

Oracle Cloud World brings together forward-looking professionals responsible for finance, operations, supply chain, human resource, sales, marketing, customer service and IT. Learn how leading companies are leveraging the cloud for competitive advantage. Experience what works, what doesn’t, and identify solutions and approaches to accelerate your innovation.

Gartner Identity & Access Management Summit

March 5- 6, 2018
London, UK

The Gartner Identity and Access Management (IAM) Summit will focus on some of the hottest topics for the coming year, including the role of identity management in securing cloud and mobile apps, the IoT and the importance of privileged access management. For those preparing for the General Data Protection Regulation (GDPR), there is also a focus on the role of IAM as it applies to the privacy regulation.

Infosec World 2018

March 19 -21, 2018
Florida, USA

InfoSec World 2018 Conference & Expo is bringing together CISOs, CIOs, CTOs and other security practitioners who will share hands-on and practical advice on a wide range of security topics. From understanding your adversary to learning about the 0-day exploit market to bridging the gap between the technical and business aspects of security, InfoSec World 2018 will offer a chance for security professionals to learn something new and analyze ideas with peers.

Cloud Security Expo

March 21 -22, 2018
London, UK

Cloud Security Expo is the fastest growing section of the Cloud Expo Europe event series attracting a record-breaking 19,926 Enterprise IT & Security Buyers and Specialists in March this year! Cloud Expo Europe Keynote Theatre hosts foremost international technology leaders, including internationally acclaimed and top-rated visionaries, senior industry speakers and executives driving a global transformative shift towards cloud computing and other disruptive technologies. Speakers will deliver their outlook on the future, plus leading CIOs and senior IT professionals will be sharing their roadmaps to digital transformation, where cloud lives in the heart of the engine room. Cloud Security Expo provides the tools, training & techniques to ensure companies are compliant and secure as they transition their business assets to the cloud.

To register for the event, click here.

RSA
April 16-20, 2018
San Francisco, CA, USA

The largest cybersecurity event in the world today. The RSA Conference USA 2018 is dedicated to information security topics including data breaches, Cyber threats, compliance, social engineering, cloud security, risk management, application security, mobile security, governance, data security, legislation and policy, law, cryptography and identity management. It brings together information security professionals from across the globe working in industries such as Computer Software Development Finance, Banking, Healthcare, Government, Pharmaceuticals, and Manufacturing. Hear from world-class speakers on topics such as “The Most Dangerous New Attack Techniques, and What’s Coming Next”.

Interop ITX
April 30 – May 4, 2018
Las Vegas, NV, USA

Interop ITX combines a trusted Conference program with a vendor-neutral Business Hall and lots of networking events. The event is entering its 32nd year serving the IT community and it is an opportunity to learn about technologies and solutionsץ You may not realize how much the show has evolved during that time, growing from a plugfest ensuring network interoperability to an industry-oriented trade show to its current model: a week-long event centered around its conference program, including educational sessions, long-form tutorials, mainstage keynotes, sponsored content and a business hall showcasing technology.

Our CEO is Speaking! Sign up for his hands-on IoT workshop here.

Gartner Security & Risk Management Summit
June 4- 7, 2018
National Harbor, MD, USA

The Gartner Security & Risk Management Summit 2018 will focus on practices and strategies that will provide cost-effective security and risk programs in order to support digital business and drive the success of your business or organization.

Among the exhibiting companies are IBM, Thales, Cylance, Varonis, Symantec, HP enterprise, Verizon, Sentinel, AT&T.

InfoSec Europe
June 5-7, 2018
London, UK

Infosecurity Europe (Infosec) is the region’s number one information security event featuring Europe’s largest and most comprehensive conference programme and over 400 exhibitors showcasing the most relevant information security solutions and products to over 19,500 information security professionals. Each year this conference features many sessions on NAC. Watch this space!

BlackHat USA
August 4 – 9, 2018
Las Vegas, NV, USA

Black Hat is the most technical and relevant global information security event series in the world. For more than 18 years, Black Hat has provided attendees with the very latest in information security research, development, and trends in a strictly vendor-neutral environment. These high-profile global events and training are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors.

Contact us to schedule private product demos (Portnox CORE for on-Premise NAC and Portnox CLEAR for cloud-based NAC) at one of these shows. We look forward to seeing you there and beginning a conversation with you around network security!

 

Portnox’s Predictions for Cybersecurity Trends in 2018

By | Cloud Security, IoT, Network Access Management, Network Security, Our Technology, Threat Detection and Response | No Comments

2017 was a very busy year for Portnox, yet throughout we aimed to address cybersecurity trends through our product offerings – Portnox CORE and Portnox CLEAR. With the highest number of ransomware attacks on record in 2017, we introduced a Rapid Ransomware Response and Control feature to our on-premise NAC solution, Portnox CORE, as well as the ability to see and control Internet of Things (IoT) devices through the IoT Visibility Radar. Portnox CLEAR, our cloud solution for network access control and risk management, was introduced to the market, and with its features for ensuring business continuity and securing the mobile workforce. The ability of our products to adequately address 2017 received commendation in the form of various industry awards and recognitions from leading publications and security experts.
Looking forward to 2018, the security landscape will shift and focus more heavily on IoT security, blockchain trends, automation and workforce mobility.

Here are some of our insights on what the 2018 cybersecurity landscape will look like:

  1. Extension of Automation: Together with AI and machine intelligence trends, automation will likely take center stage in 2018 as the leading security trend. Microsoft recently announced that it will begin automated anti-virus updates through its Windows Defender, which means that users and organizations will no longer have a choice when it comes to patching endpoints and software. This is good news, because it ensures that more actors have adequate security postures, and it makes sense for modular devices (like IoT) that present difficulties when it comes to firmware upgrades. Yet automation also creates challenges, namely for industries dependent on older versions of software, firmware and operating systems, such as healthcare and finance. Automated security updates could put the business continuity of these organizations at risk, and with potentially life-threatening and economically risky consequences. In addition, automated security updates across the board could actually make it easier for hackers to carry out large-scale attacks that will affect a larger number of endpoints.
  2. Blockchain and the Hacking of Applications: While many believe that the blockchain is “unhackable”, in the last year we have seen an increase in the number of attacks against blockchain-based applications. The vulnerabilities do not arise from the blockchain itself, but rather the applications that run on the blockchain. Social engineering will be used to extract private keys. Another possible blockchain hack, which has already been proven possible, is through other blockchain technologies such as Ethereum, which is an organization that’s committed to being open source for third-party applications. This creates a vulnerability because almost all applications have bugs can be manipulated by hackers as an attack surface.
  3. DDoS Ransomware: Creating a new and more pungent form of blackmail, DDoS and ransomware are joining forces to topple enterprise progress in digital transformation, while reaping monetary benefits. These attacks are made possible by using botnets, or large groups of “zombie” devices – which often happen to be Internet of Things devices, such as webcams – to funnel traffic to a malware-infected web address that, in turn, extract data from the accessing endpoint and demand ransoms for the return of that encrypted data. These attacks are often called “sinkhole” attacks because the DDoS traffic is being directed to sites that contain dangerous malware. With the wide adoption of Internet of Things devices in the enterprise, and the rise in ransomware demands, it’s likely that we’ll be seeing more of these attacks in the next year.
  4. Growing Regulation of IoT Security: Regulations governing IoT security features are beginning to be drafted, but there is still not enough demand from the consumer side to warrant manufacturer investment in security features. This begs a major question in 2018 of whether governments, in similar fashion to the US and EU, will begin issuing security regulations on IoT device manufacturers that protect consumers and companies from digital risk. Together with GDPR and other compliance regulations, we are likely to see more governments and industry authorities stepping up to enforce privacy, safety and security regulations on IoT manufacturers.
  5. Mobility of the Workforce: With more employees working remotely, organizations are enjoying a significant drop in their capital expenditures (many have even given up on the physical office space), while directing operational expenditures at digital transformation trends such as cloud and BYOD. Workforce mobility is a good thing for companies’ balance sheets, but the technological flexibility it affords results in more areas of cybersecurity vulnerability for the enterprise network. Companies that are set on accommodating mobile workforce trends will be investing in more endpoint, network and cloud security solutions that protect access and assets across a variety of locations and in various connected environments.

At Portnox, we will continue innovating our access control offerings to provide solutions to 2018 security trends and challenges, providing our customers with valuable, holistic solutions to protect their networks.
Here’s to a great 2018!

Portnox CORE is the Proud Winner of the Computing Security Awards in the NAC Category!

By | Our Technology | No Comments

Portnox is proud to announce that it is the winner of the Computing Security Awards 2017 “Network Access Control Solution of the Year”. Portnox’s on-premise NAC solution, Portnox CORE, was nominated as the best NAC solution of the year through a submission process open to the public, and was selected as the winner by Computing Security Awards’ board of judges. The announcement was made at an event for all of the nominees in London, England on October 12th.

While this is the first Computing Security Award won by Portnox, it is not the first time that Portnox CORE has been recognized as a top NAC solution by industry leaders in 2017. Portnox CORE was recognized with the following awards in 2017: Cybersecurity Excellence Awards, Best of InteropITX in the Security category and the Info Security Product Guide.

Portnox CORE is a leading solution for on-premise NAC that provides complete visibility into the enterprise network, including connected endpoints of various types in various locations, as well as control mechanisms to ensure that security policies are thoroughly enforced. Portnox CORE was one of the first NAC solutions to integrate an Internet of Things visibility radar, which includes the ability to automatically register new MAC addresses, providing enterprise IT teams with a security solution for IoT devices. In addition, Portnox CORE is an agentless solution, making the transition into BYOD and emerging technologies a simple and natural process for the digitally transformative enterprise.

Empowered by the recognition from the Computing Security Awards win, Portnox’s development teams will continue to introduce innovative, demand-driven features into Portnox CORE’s product offering. Portnox’s goal has always been to provide visibility and access control into all endpoints, everywhere, and Portnox CORE as a key role in helping us realize that vision.

Portnox CLEAR, Portnox’s cloud-based NAC product, has also been recognized by a number of industry leaders for taking a leap into the cloud security space ahead of other major NAC and cybersecurity solution vendors

Read more about Portnox CORE, Portnox’s NAC solutions, or request a demo!

How to Discover and Control a Vulnerable Device

By | Our Technology | No Comments

With BYOD, IoT and the growth of the mobile workforce, CISOs and system administrators are faced with mounting challenges in discovering and controlling all of the devices on their network. The proliferation of these technologies makes it easier for hackers to gain access to the network, by gaining control over and access to rogue and vulnerable devices, although they have obvious benefits for business. In this environment, a cloud-based network access control solution like Portnox CLEAR can go a long way in identifying and automatically controlling access for endpoints on the corporate network, both on and off premise.

Watch the following video to find out how easy it is to discover and control vulnerable devices with Portnox CLEAR.