liu.seSearch for publications in DiVA
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Comparative Study of Network Access Control Technologies
Linköping University, Department of Computer and Information Science.
2007 (English)Independent thesis Advanced level (degree of Magister), 20 points / 30 hpStudent thesis
Abstract [en]

This thesis presents a comparative study of four Network Access Control (NAC) technologies; Trusted Network Connect by the Trusted Computing group, Juniper Networks, Inc.’s Unified Access Control, Microsoft Corp.’s Network Access Protection, and Cisco Systems Inc.’s Network Admission Control. NAC is a vision, which utilizes existing solutions and new technologies to provide assurance that any device connecting to a network policy domain is authenticated and is subject to the network’s policy enforcement. Non-compliant devices are isolated until they have been brought back to a complaint status. We compare the NAC technologies in terms of architectural and functional features they provide.

There is a race of NAC solutions in the marketplace, each claiming their own definition and terminology, making it difficult for customers to adopt such a solution, resulting in much uncertainty. The NAC paradigm can be classified into two categories: the first category embraces open standards; the second follows proprietary standards. By selecting these architectures, we cover a representative set of proprietary and open standards-based NAC technologies.

This study concludes that there is a great need for standardization and interoperability of NAC components and that the four major solution proposals that we studied fall short of the desired interoperability. With standards, customers have the choice to adopt solution components from different vendors, selecting, what is commonly referred to as the best of breed. One example for a standard technology that all four NAC technologies that we studied did adopt is the IEEE’s 802.1X port-based access control technology. It is used to control endpoint device access to the network.

One shortcoming that most NAC architectures (with the exception of Trusted Network Connect) have in common, is the lack of a strong root-of-trust. Without it, clients’ compliance measurements cannot be trusted by the policy server whose task is to assess each client’s policy compliance.

Place, publisher, year, edition, pages
Institutionen för datavetenskap , 2007. , 114 p.
Keyword [en]
NAC, Network Access Control, Trusted Platform Module, Trusted Computing Group, Trusted Network Connect, Network Access Protection, Network Admission Control, 802.1X, root of trust
National Category
Computer Science
Identifiers
URN: urn:nbn:se:liu:diva-8971ISRN: LITH-IDA-EX--07/028--SEOAI: oai:DiVA.org:liu-8971DiVA: diva2:23688
Presentation
2007-05-11, Al-khwarizmi, IDA B, Linköping University, Linköping University, 09:15
Uppsok
teknik
Supervisors
Examiners
Available from: 2007-06-18 Created: 2007-06-18

Open Access in DiVA

fulltext(1056 kB)2032 downloads
File information
File name FULLTEXT01.pdfFile size 1056 kBChecksum SHA-1
cb2abf48b5daec169590b121e312c04f88f3dfc668761b7c1025326a8179bd7412fc3e60
Type fulltextMimetype application/pdf

By organisation
Department of Computer and Information Science
Computer Science

Search outside of DiVA

GoogleGoogle Scholar
Total: 2032 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 1198 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf