Although network access control has been in use for over a decade it wasn't until the explosion of mobile devices and the start of initiatives such as BYOD, BYOT and BYOA that NAC truly became what it is today.
Network access control is a security solution that allows college and university IT leaders to validate users and assign them roles to enforce policies about what they can see and do on the network.
Today's colleges and universities are very complex and dense environments. The goal is to create a mobile experience that is reliable, fast, and secure. However, it's all about finding the right balance between security and a great user experience.
To do this SecurEdge can help you design complete NAC systems to give you full visibility and control at both the device, user and application level:
Guest devices and employee owned devices can have a strain on your network, causing headaches for even seasoned IT leaders to manage. A solution to help you manage this would be to build a registration process directly into the campus Wi-Fi infrastructure. This would allow guest users to self-register and then if they are approved can access the network in a role that you have pre-defined.
Having complete control and visibility means having the ability to dictate what your users have to comply to and what they can and cannot do. In other words you have to be able to control the behavior of the devices connecting to your network. By doing so you will ensure the safety and protection of your users (students, teachers, guests) as they access the network as well as your school's liability.
You campus NAC should have the ability to identify each type of user and then grant them access to your network and resources based that users appropriate role. For example, in a higher education setting you could create a student, faculty, and guest role, each with their own level of access and certain rules.
One thing that we notice gets overlooked when deploying NAC on campus is accounting for location. Mobility means supporting connectivity no matter where, however you should still have policies based on location. Are they connecting on the main campus, are they in the dorms, in certain classrooms, in a sports facility, at their house? You need the ability to adjust your "endpoint compliance" or security rules based on location.
Pro Tip: Every enterprise level NAC deployment should have the ability to Identify, Assign and Enforce, not only at the user lever but at the device and application/content level as well.