This study is focused on LAN security challenges faced by CIOs/IT managers in BPOs and Financial companies. Key challenges among these are guest access, Operating System/Anti Virus/Anti Spyware patch management, user redemption, Wireless Networks protection, Denial of Service and malware attacks, managing users and their groups, layer 2 attacks and compliance with regulatory framework. This study presents how the traditional technologies like VLAN, older authentication mechanisms, manual patch and log management, which are around for years are outdated and failed to address most of these LAN security challenges. And it also exhibits how the attackers/crackers are exploiting limitations in these traditional practices and able to breach the internal security.
Network Access Control (NAC) is an emerging technology which address LAN security puzzle. NAC tools like Policy Enforcement, Endpoint Integrity Check and Centralized Authentication enforces corporate policies to make sure employees and other trusted insiders can only get to the information they need for their daily jobs or, in the case of unintended problems, makes sure the devices they use have the latest patches installed. Other NAC tools like Integrated Firewall, Anomaly based IDS/IPS, worm containment and L2 security can detect and mitigate the virus/worms outbreaks and internal attacks. Events Correlation System in NAC helped system auditor to quickly identify the network failures and outbreaks. And also recent deployments have shown that NAC is cost effective to traditional technologies. Big guns like Cisco, Juniper, Microsoft and Symantec invested heavily in this technology and have started offering their products. Today the industry is looking Network Access Control as fast replacement to traditional technologies and it is going to be industry standard in coming years.
Creating awareness about LAN security challenges and failures of LAN security traditional practices and introducing the new technologies like Network Access Control to BPO and Financial sector is the main objective of this study.
|LAN Security Challenges and Network Access Control||55|