Today's NAC Remains Vulnerable to AttackBy Matt Hines | Posted 2006-10-18 Email Print
Know the Risk: Digital Transformation's Impact on Your Business-Critical Applications REGISTER >
Experts say currently available Network Admission Control systems do not provide adequate security.According to the latest figures from Forrester Research, some 40 percent of all enterprises in North America will have some form of Network Admission Control in place by the end of 2006, as businesses seek more effective ways to identify devices connecting to their networks and to enforce IT security policies.
The systems are available today from a wide range of technology vendors including Cisco Systems, Insightix, Nortel Networks and StillSecure, with Microsoft planning to launch its NAP (Network Access Protection) products in 2007.
Despite the benefits offered by the systems, however, industry experts say that the tools are far from complete and, by themselves, do not yet provide an adequate level of security for companies to depend on.
The most outspoken critic of NAC security has been Ofir Arkin, chief technology officer of Insightix, based in Ra'anana, Israel. Arkin presented his methods for bypassing the technologies in early August at the annual Black Hat hacker convention in Las Vegas.
Arkin maintains that, despite his public warnings and other software vendors' concessions that NAC is not yet foolproof, many companies are adopting the technologies without understanding the risks involved.
"I believe that many companies may be entertaining a false sense of security because they don't understand all the implications and potential weak points," said Arkin. "And it's not that NAC is immature, it's just that people need to understand what it gives you and what it doesn't; some technologies out there promise full protection based on their NAC capabilities, and, in most cases, that isn't really accurate."
Arkin has outlined a series of weaknesses that he believes exist in current NAC installations. Among those vulnerabilities is the ability for outsiders to dupe NAC systems' so-called IP sniffers, which are used to scan data packets passing through the products' monitoring tools to validate information about devices connecting to a network.
Read the full story on eWEEK.com: Today's NAC Remains Vulnerable to Attack.