There are several possibilities to access network infrastructures via different kinds of devices and the use of mobile devices increases. Therefore, NAC systems need to control network access being specialized on monitoring end devices. During authentication phase devices are audited with regards to policy compliance in order to ensure that only known and sufficiently up-to-date (software version) devices are approved to access a network. That way the company’s level of safety increases enormously.
However, a complete overview on the company’s IT security is not provided by NAC systems. Security Information and Event Management functionalities, such as attack statistics, control of compliance regulations, critical events, risk management, are missing. But SIEM systems are costly, resource intensive and complex. Ultimately, they are often perceived as just being another security system that needs to be managed. Therefore, the CLEARER project aims at extending an already existing NAC system by adding SIEM functionality.
CLEARER supports several different application scenarios that can optionally be extended with regards to the requirements of the company that finally applies it. CLEARER combined with a NAC system is able to evaluate compliance regulations and to introduce enforcement measures in case of a critical alarm. These regulations dynamically adapt to current events in order to relieve the IT administrator. Of course, there is always the possibility of reacting manually. But the IT administrator is supported by easily understandable recommendations for action which is why especially SME benefit from using CLEARER.
For more information, visit www.clearer-project.de