📖 What is Network Access Control (NAC)?
Network Access Control (NAC) is a security solution that enforces policy-based access to a network. It evaluates the 'posture' of a connecting device—checking for updated antivirus or OS patches—before granting access to specific network segments.
"Student, look for the term 'posture assessment' in the exam questions. This is the definitive clue that the correct answer is NAC."
📚 Certification: CompTIA Network+ Certification Exam (N10-009)
🔑 What are the Key Concepts of Network Access Control (NAC)?
- Posture Assessment evaluates the health of a device, checking for current antivirus signatures and OS patches before granting network access.
- Pre-admission NAC occurs before a device connects, while post-admission NAC continuously monitors the device's behavior and compliance after connection.
- Quarantine VLANs isolate non-compliant devices, providing a restricted environment where users can download required updates without risking the production network.
- IEEE 802.1X provides the framework for port-based NAC, utilizing a supplicant, an authenticator (switch), and an authentication server (RADIUS).
- Agent-based NAC uses installed software for deep system inspection, whereas agentless NAC relies on network scans or browser-based checks.
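
The following added example, which is not part of the original study guide, shows how these concepts combine on the authentication server: identity is checked first (802.1X), then posture decides between the production and quarantine VLAN, and a post-admission check can move the device later. The VLAN numbers, thresholds and function names are assumptions made for illustration; the three `Tunnel-*` attributes are the RFC 3580 RADIUS attributes used to tell the switch which VLAN to assign.

```python
from dataclasses import dataclass

# Assumed site policy values (constructed for this example).
PRODUCTION_VLAN = 10
QUARANTINE_VLAN = 99
MAX_AV_SIGNATURE_AGE_DAYS = 7
REQUIRED_PATCH_LEVEL = 202406  # hypothetical YYYYMM patch baseline

@dataclass
class Posture:
    av_signature_age_days: int
    os_patch_level: int

def posture_failures(p):
    """Return the failed posture checks; an empty list means compliant."""
    failures = []
    if p.av_signature_age_days > MAX_AV_SIGNATURE_AGE_DAYS:
        failures.append("antivirus signatures out of date")
    if p.os_patch_level < REQUIRED_PATCH_LEVEL:
        failures.append("OS patches missing")
    return failures

def vlan_attributes(vlan_id):
    """RADIUS attributes (RFC 3580) that carry the VLAN to the authenticator."""
    return {"Tunnel-Type": "VLAN",
            "Tunnel-Medium-Type": "IEEE-802",
            "Tunnel-Private-Group-ID": str(vlan_id)}

def admit(identity_ok, posture):
    """Pre-admission decision: identity first, then posture."""
    if not identity_ok:
        return {"result": "Access-Reject", "attributes": {},
                "reasons": ["authentication failed"]}
    failures = posture_failures(posture)
    # A valid user on an unhealthy device is still accepted, but only
    # into the quarantine VLAN where the remediation server lives.
    vlan = QUARANTINE_VLAN if failures else PRODUCTION_VLAN
    return {"result": "Access-Accept",
            "attributes": vlan_attributes(vlan), "reasons": failures}

def reassess(current_vlan, posture):
    """Post-admission check: return (target VLAN, whether a move is needed)."""
    target = QUARANTINE_VLAN if posture_failures(posture) else PRODUCTION_VLAN
    return target, target != current_vlan
```
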
🎯 How does Network Access Control (NAC) appear on the N10-009 Exam?
You may be asked to identify the best solution for a company that requires all guest and employee devices to be scanned for security compliance and OS patch levels before they are granted access to the internal LAN.
A scenario might describe a user connecting a laptop to a corporate wall jack and being automatically redirected to a remediation server because their antivirus is outdated; you must identify this as NAC.
Expect questions where you must differentiate between simple authentication and a solution that validates the security posture of the device, such as checking for specific registry keys, before allowing network entry.
❓ Frequently Asked Questions
How does NAC differ from 802.1X?
802.1X is a specific authentication protocol that verifies identity. NAC is a comprehensive security framework that often uses 802.1X for identity but adds posture assessment to ensure the device is healthy.
What is the purpose of a remediation server in a NAC environment?
Remediation servers allow non-compliant devices in a quarantine VLAN to download necessary patches or antivirus updates, enabling them to pass the posture check and eventually gain full network access.