Are you looking for my non-technical blog?

This is now my technical-only blog, my non-technical blog is here.

18 November 2008

NAC - IF-MAP

So, what's IF-MAP!?
As, you can see, your NAC is at a certain point of time aware of your credentials, the version of the antivirus installed on your PC, the patching level of your OS, etc. And now we need such date to be available for the other devices in the network in order to be able to deal with you not only based on your IP Address, but also based on your username, and machine health. We need some database - MAP or Meta-data Access Point - where all the previous info are available for our Firewalls, IPS's, DHCP Servers and any other network element to base their policies on them. Any IPS now that supports such protocol will be able to deal with end-points and have dynamic policies for them based on various parameters, and not just their IP Address.
"Trusted network connect - part of the Trusted Computing Group - published its Interface for Metadata Access Point protocol on April 28 to provide a common framework for sharing event metadata. This means there's finally a way for security and network devices from a variety of vendors to communicate, and thus make better assessments on whether to grant or deny access to everything from PCs to switches", InformationWeek

So now, even if someone changes his IP address, the firewall will not be fooled by his new IP address, but it will be able to deal with him based on his role in the organization regardless of his address. The IPS will be able to treat the different users differently based on their machine health, role in the organization, etc.

Related Links:
InteropLabs, Making NAC Secuirty - Aware with IF-MAP.
Got the NAC Blog, IF-MAP: Integrating All Network Security.
Got the NAC Blog, The Adoption Curve for IF-MAP.
StillSecure, After All These Years, Is IF-MAP the spark that will ignite theTCG/TNC and the security industry?
Rational Survivability, I Can Haz TCG IF-MAP Support In Your Security Product, Please.

Tags: , , , ,

3 comments:

  1. wow awesome post man thanks its really help full i will definitely subscribe to your feed
    Mobile Repairing Picture Help

    ReplyDelete
  2. Stop saying Israel Say IsraHell , in you writing , chat , talk , conversations and artwork .

    we lunched this campaign , to show the world how illegal israhell is .

    Please write an Article , POST , make an Artwork about this new name of IsraHell .

    Please forward the message and say IsraHell .

    ReplyDelete
  3. Stop saying Israel Say IsraHell , in you writing , chat , talk , conversations and artwork .

    we lunched this campaign , to show the world how illegal israhell is .

    Please write an Article , POST , make an Artwork about this new name of IsraHell .

    Please forward the message and say IsraHell .

    ReplyDelete