How Can You Extend NAC to IoT?
To mitigate and eliminate cybersecurity risks brought on by new IoT endpoints, organizations are turning to network access control solutions for added visibility, understanding, and control over IoT devices. In a sense, this is a replication of the same approach taken for traditional managed and BYOD endpoints in use locally and remotely.
Shortcomings of Traditional NAC
As we’ve discussed, there is a huge variety of IoT devices and a general lack of centralized management with regards to IoT security. Many IoT devices still rely on IT security technology from the 1980s, with no password brute force controls and no available patches. Furthermore, legacy NAC solutions like Cisco’s Identity Services Engine (ISE) and HP Aruba ClearPass haven’t evolved to address the full swath of modern IoT security challenges. In many respects, they struggle to scale for IoT, are hampered by complex 802.1X implementations, and are even vulnerable to MAC spoofing.
Cloud NAC Can Eliminate IoT Security Threats
Today, it’s a matter of ensuring IoT devices can be properly identified, authenticated, monitored and controlled so that they’re unable to compromise the network. Network security engineers thus need a NAC solutions that support current IoT security needs, such as threat awareness, containment, and mitigation.
Through its network access control solutions, Portnox provides complete visibility, control and management of IoT devices connected or connecting to enterprise networks. Gaining knowledge and control capabilities for IoT devices security is essential for minimizing exposure to digital business risks arising from IoT security vulnerabilities, and understanding IoT security issues provides an accurate posture assessment of network health.
Portnox CLEAR enables organizations to discover, control and manage IoT devices connecting both on and off premise, and effectively control access based on a device’s level of risk, according to pre-defined network security policies. Plus, you can eliminate geo-redundancies with cloud-based 802.1X authentication for all devices.