Page 808 - (ISC)² CISSP Certified Information Systems Security Professional Official Study Guide

               Originally, 802.1X (which provides port-based NAC) was thought to
               embody NAC, but most supporters believe that 802.1X is only a simple
               form of NAC or just one component in a complete NAC solution.

               NAC can be implemented with a preadmission philosophy or a
               postadmission philosophy, or aspects of both:

                    The preadmission philosophy requires a system to meet all current
                    security requirements (such as patch application and antivirus
                    updates) before it is allowed to communicate with the network.

                    The postadmission philosophy allows and denies access based on
                    user activity, which is based on a predefined authorization matrix.

               Other issues around NAC include client/system agent versus overall
               network monitoring (agent-less); out-of-band versus in-band
               monitoring; and resolving any remediation, quarantine, or captive
               portal strategies. These and other NAC concerns must be considered
               and evaluated prior to implementation.
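
               The two philosophies above combined in one flow, as an added example
               that is not from the study guide: a preadmission posture check that
               quarantines non-compliant systems, followed by a postadmission lookup
               in an authorization matrix. The patch level, signature age limit,
               roles, resources, and segment names are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date

# Constructed policy values (assumptions for this example, not from the study guide).
REQUIRED_PATCH_LEVEL = 42
MAX_AV_SIGNATURE_AGE_DAYS = 7

# Predefined authorization matrix: role -> resource -> permitted actions.
AUTHORIZATION_MATRIX = {
    "hr_staff": {"hr_db": {"read", "write"}, "file_share": {"read"}},
    "contractor": {"file_share": {"read"}},
}

@dataclass
class Endpoint:
    name: str
    role: str
    patch_level: int
    av_signatures: date  # date of the newest antivirus signature set

def preadmission_check(ep: Endpoint, today: date) -> list[str]:
    """Return the unmet security requirements; an empty list means compliant."""
    failures = []
    if ep.patch_level < REQUIRED_PATCH_LEVEL:
        failures.append("patches")
    if (today - ep.av_signatures).days > MAX_AV_SIGNATURE_AGE_DAYS:
        failures.append("antivirus")
    return failures

def admit(ep: Endpoint, today: date) -> str:
    """Preadmission: every requirement must be met, otherwise quarantine for remediation."""
    return "quarantine" if preadmission_check(ep, today) else "production"

def postadmission_allows(ep: Endpoint, segment: str, resource: str, action: str) -> bool:
    """Postadmission: each activity is checked against the matrix; anything unlisted is denied."""
    if segment != "production":
        return False  # quarantined systems reach no production resource
    return action in AUTHORIZATION_MATRIX.get(ep.role, {}).get(resource, set())

if __name__ == "__main__":
    today = date(2024, 5, 20)  # constructed sample data
    for ep in (Endpoint("laptop-01", "hr_staff", 42, date(2024, 5, 18)),
               Endpoint("laptop-02", "contractor", 40, date(2024, 4, 1))):
        segment = admit(ep, today)
        print(ep.name, segment, preadmission_check(ep, today),
              postadmission_allows(ep, segment, "file_share", "read"))
```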


               Firewalls


               Firewalls are essential tools in managing and controlling network
               traffic. A firewall is a network device used to filter traffic. It is typically
               deployed between a private network and a link to the internet, but it
               can be deployed between departments within an organization.
               Without firewalls, it would not be possible to prevent malicious traffic
               from the internet from entering into your private network. Firewalls
               filter traffic based on a defined set of rules, also called filters or access
               control lists. They are basically a set of instructions that are used to
               distinguish authorized traffic from unauthorized and/or malicious
               traffic. Only authorized traffic is allowed to cross the security barrier
               provided by the firewall.

               Firewalls are useful for blocking or filtering traffic. They are most
               effective against unrequested traffic and attempts to connect from
               outside the private network and can also be used for blocking known
               malicious data, messages, or packets based on content, application,
               protocol, port, or source address. They are capable of hiding the
               structure and addressing scheme of a private network from the public.