Effective use of NAC
When used effectively, NAC should offer a multi-layered approach to both enforcement policy and protection againstintrusion, ensuring that every corner of the enterprise network is covered by NAC, even when mobile devices are taken off the corporate network. However, while companies generally understand the benefits of NAC, many do not know how to implement it effectively. 

The key issues which must be addressed for the successful implementation of NAC are:
· Flexibility
· Open standards
· Balance
· Remediation.
Each of these points is covered in more detail below.

Flexibility
The variety of different security measures needed for individual departments within a single organisation requires that a NAC solution is able to provide adaptive and flexible standards-based protection for all user groups and environments. 

It is key that the large enterprise has the ability to accommodate the entire internal user population without adding to administrative overheads for standards creation and management.  
 
Open standards
Successful NAC implementations will bring significant security and business benefits, but organisations have to think carefully about becoming locked-in to individual suppliers and the associated potential for creating single points of failure. Companies with a sole vendor could find themselves forced into either making expensive software upgrades or leaving themselves open to attack – with no safety net to catch a security breach that has been missed. 

There is also widespread concern about the cost of becoming NAC compliant. Both these issues can be addressed by adopting an open standards solution and a layered approach to security.

In doing so, organisations can benefit from enforcing NAC without the cost and implementation burden of upgrades to their core infrastructure.

Finding the right balance
Effective NAC requires the enforcement of all network information standards without exception. It is therefore, a major challenge to strike the right balance between security and user productivity.  Specific user needs, including those of third parties such as contractors, consultants, customers or suppliers must be taken into account and balanced against the requirements of the security standards.

Remediation
An effective NAC solution needs to quickly and automatically restore non-compliant machines to a trusted state, ensuring 100 percent compliance with standards before access is granted to the corporate network. 

Automated remediation of non-compliant devices is therefore crucial to maintain user productivity and minimise the cost of helpdesk calls or manual intervention by the IT department.

In Conclusion
NAC is a vital component of any corporate network. When implemented effectively, NAC allows businesses to achieve compliance with corporate network information security standards, gain control over how people, applications and devices act on a network, quickly remediate any non-compliant devices and ensure continuous network integrity. This can only be achieved through processes that ensure continuous, automatic enforcement of information security standards.

Experience has shown that in this way security can be made simpler than insecurity, enabling good information assurance to be developed in the business without compromising productivity.

The author is Director, Systems Engineering, Symantec Corp.