Comparative Study Of Network Access Control Technologies

Recent years, with the rapid development of Internet and the computer network, the problem of network security is increasingly becoming the focus of attention. One of the main problem is how to effectively control the user's access to the resource and various components of the network.. Obviously, we can't trust all users can use the network correctly and legally. Therefore, proper network access control is necessary.Network access control technology has a very important role in the protection of network security. Network access control is a vision, which utilizes existing solutions and new technologies to provide assurance that any device connecting to a network policy domain is authenticated and is subject to the network's policy enforcement. Non-compliant devices are isolated until they have been brought back to a complaint status.This thesis presents a comparative study of three main Network Access Control(NAC) technologies; Trusted Network Connect by the Trusted Computing group, Microsoft Corp.'s Network Access Protection, and Cisco Systems Inc.'s Network Admission Control. We compare the NAC technologies in terms of architectural and functional features they provide.I use libtnc as a framework to build a prototype system of TNC. Afterwards I use freeradius-server-2.1.8 as a foundation to build a TNC-serverlibtnc is an open-source implementation of the Trusted Network Connect (TNC) specification, developed by the Trusted Computing Group (TCG).libtnc compiles and runs on Windows and many Unix-like systems. It also includes the sources of a generic IMC/IMV pair which can assess basic security posture for Windows and Unix clients. It can be used to build TNC compliant clients, such as 802.1X supplicants and TNC compliant servers, such as RADIUS server. It can also be used to build a simple IMC/IMV pair that can be used to assess the security posture of Windows and Unix clients from a Windows or Unix server.Through the above analysis and experiment, I conclude that TNC has unique advantages in the comparision of the three main network access control technologies. It has a higher reliability because of its use of the Trusted Computing. Furhermore its standard is open.