kNAC! presented at DeepSec 2007

by Ofir Arkin,

Summary : Network admission control (NAC), network access protection (NAP), network access control (NAC), and many other acronyms refer to a technology which aim to provide with access control verification before (and after) allowing an element to access the network. Unfortunately due to the lack of standardization, and the diversity of solutions, many (if not must) NAC solutions suffer form a multitude of weaknesses impacting the deployment, implementation and the overall protection they provide. The presentation examines various NAC solutions from leading vendors, highlight their weaknesses, and demonstrate how they can be bypassed. The presentation is an updated presentation, which includes new material, and new unpublished methods to bypass NAC solutions.