Free Newsletter
Register for our Free Newsletters
Newsletter
Zones
Access Control
LeftNav
Alarms
LeftNav
Biometrics
LeftNav
Detection
LeftNav
Deutsche Zone (German Zone)
LeftNav
Education, Training and Professional Services
LeftNav
Government Programmes
LeftNav
Guarding, Equipment and Enforcement
LeftNav
Industrial Computing Security
LeftNav
IT Security
LeftNav
Physical Security
LeftNav
Surveillance
LeftNav
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
ProSecurityZone Sponsor
 
 
Editor's Blog and Industry Comments

Network Access Control for Dummies review

06 June, 2008
At this year's InfoSecurity Europe exhibition in London, Sophos were giving their stand visitors free copies of NAC for Dummies, a booklet from the popular ÃâÅ"Dummies" series of how-to publications so we picked up a copy to take a look.
The format of the dummy books is to present a complex subject in a straightforward, jargon-free way that enables the reader to get at least a fundamental grip of the subject matter. In the case of the Sophos special edition of NAC for Dummies, author Arnold Reinhold has managed to cover the complex area of Network Access Control in an engaging and interesting manner which is understandable by anyone with the basics in computing and at least an understanding of why they might need to control access to their computer resources.

Consisting of seven chapters, the book becomes progressively more comprehensive so that by the time you've read it all, you will know the difference between managed and unmanaged endpoints, understand what out-of-band enforcement is and be armed with definitions for such acronyms as DHCP, VPN and TNC so at least you'll be able to talk to suppliers, consultants and installers without an interpreter.

The book starts simply enough with a fairy tale style analogy to castles with amusing references to moats, contagions and rogues. Such mundane expressions as "in case they become contaminated with malware", which begs further definition, are colourfully presented by expressions like "lest they become the conduits for evil", which cleverly gives the picture within the fairy tale context without introducing further demands on the author to define extra jargon which would otherwise take the book beyond its scope.

By the end of the introductory chapter, the castle analogy has served its purpose and the knight's horse is dead so there's no point in flogging it further. The remaining chapters therefore get to the meat of the theme and start with user and device control. The fairy tale may have ended but the readability continues as before with clear explanations concerning how NAC goes beyond simple user authentication to encompass contextual access, the hardware used and its level of protection.

Further chapters discuss the requirement for network access control, forming a policy, implementation considerations and what the future is likely to hold for corporate IT security. In the traditional "Dummies" style, the book is full of tips and useful points to remember and the key to its readability is in the clarity of its organisation and style of writing.

The book's availability however, isn't as straightforward as its content. Its not on the Dummies site or the Sophos site and I can't even find it on eBay so if you see a copy somewhere, make sure you try and obtain it. And no, you can't have my copy!
Bookmark and Share