Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control [Hardcover]

Daniel V. Hoffman (Author)

Book Description

Publication Date: April 21, 2008 | ISBN-10: 0470238380 | ISBN-13: 978-0470238387 | Edition: 1

This guide presents real-world hacking scenarios along with complete implementation guidance for the right NAP/NAC solution, so you can understand which solution makes the most sense based upon the most prevalent risks in your environment. Follow the actual steps hackers take to perform specific exploits, determine which security solutions will stop the exploits from happening, and learn all about the standard components of any NAP/NAC solution. By learning to analyze a security posture, set policies for device analysis, and communicate with the device, you?ll be able to take action.

Editorial Reviews

From the Back Cover

Prevent hacker exploits with this comprehensive implementation guide

You're ready to see through the misconceptions and misinformation about NAP/NAC that might come your way. Here is an excellent resource for uncovering the actual vulnerabilities and exploits that the various NAP/NAC types can address. You'll find real-world hacking scenarios, along with complete implementation guidance for the right NAP/NAC solution. This guide will help you determine what type of solution makes the most sense, based upon the most prevalent risks in your environment.

• Follow the actual steps hackers take to perform specific exploits

• Determine which security solutions will stop the exploits from happening

• Gain a strong understanding of the various NAP/NAC terms, standards, and organizations

• Learn all about the standard components of any NAP/NAC solution

• Analyze a security posture, set policies for device analysis, communicate to the device, and take action

• Explore NAP and NAC solutions from different vendors, including Cisco NAC, Microsoft NAP, Mobile NAC, and Fiberlink Mobile NAC

About the Author

Daniel V. Hoffman has designed mobile security solutions for the largest companies in the world. His hacking and security expertise has been featured in educational curriculum, conferences, and media outlets globally. He is the author of Blackjacking: Security Threats to Blackberry Devices, PDAs, and Cell Phones in the Enterprise, also from Wiley.

Product Details

• Hardcover: 288 pages
• Publisher: Wiley; 1 edition (April 21, 2008)
• Language: English
• ISBN-10: 0470238380
• ISBN-13: 978-0470238387
• Product Dimensions: 9.3 x 7.6 x 0.9 inches
• Shipping Weight: 1.3 pounds (View shipping rates and policies)
• Average Customer Review: 4.5 out of 5 stars  See all reviews (2 customer reviews)
• Amazon Best Sellers Rank: #1,785,452 in Books (See Top 100 in Books)

More About the Author

Discover books, learn about writers, read author blogs, and more.

Customer Reviews

Most Helpful Customer Reviews

4.0 out of 5 stars Clear and Actionable Advice on Choosing the Right NAC Solution, November 1, 2008

By 

Chris Gates (NoVA, USA) - See all my reviews

This review is from: Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control (Hardcover)

Disclaimer:

I was asked to read a pre-release copy of the book, my quote made it onto the book, and I was given a review copy.

I found myself in a position to learn about the different types of NAC appliances as well as Mobile NAC. The problem is that I don't work for a NAC vendor or install NACs for a living. Googling left me with tons of vendor hype on NAC but not a lot of good information to help me understand the different type of NACs, how they work, and why I would would choose one type over the other. Dan Hoffman's book is the only NAC book I know of that is (mostly) vendor neutral. The only other NAC/NAP books I know of are Cisco Press book which obviously tout Cisco products as the best way to go. Dan Hoffman breaks down the functionality of NAC and they different types of NAC solutions into simple easy to understand language, just like he did for Blackjacking on mobile threats. He has a great knack for explaining technical systems and topics in an easy to understand way.

Here is a list of what he covers in the book:

CH1 Understanding Terms and Technologies

CH2 The Technical Components of NAC Solutions

CH3 What Are You Trying to Protect?

CH4 Understanding the Need for LAN-Based NAC/NAP

CH5 Understanding the Need for Mobile NAC

CH6 Understanding Cisco Clean Access

CH7 Understanding Cisco Network Admission Control Framework

CH8 Understanding Fiberlink Mobile NAC

CH9 Understanding Microsoft NAP Solutions

CH10 Understanding NAC and NAP in Other Products

My favorite chapters are CH3 "What Are You Trying to Protect?", CH4 "Understanding the Need for LAN-Based NAC/NAP", and CH5 "Understanding the Need for Mobile NAC."

By far the most important chapter is chapter three where Dan walks through the questions an organization needs to ask itself before it purchases a NAC solution. The company needs to know if they are trying to protect LAN based or Mobile assets and they need to know exactly what they are trying to protect the answer from the first question against. Dan discusses the various scenarios that come about from those two questions and the two follow on chapters provide even more detail on how the two types of solutions (LAN based and Mobile NAC) work and how they differ from one another. Chapter two covers the details of the different parts of NAC and Chapters 6-10 give some of the specifics about different NAC vendor's solutions (not a complete list).

The only thing I didn't like about the book was that it really didn't cover bypassing NAC. It would have been nice to see some content on how NAC is currently being bypassed or what NAC doesn't protect against and how to mitigate against it.

0 of 3 people found the following review helpful:

5.0 out of 5 stars Implementing NAP & NAC Security Book, January 24, 2009

By 

Walid Bou (Arlington, VA United States) - See all my reviews
(REAL NAME)   

This review is from: Implementing NAP and NAC Security Technologies: The Complete Guide to Network Access Control (Hardcover)

The book was brand new as described. I will definitely buy from this seller again.