> View this now

Published on: November 2007
Type of content: WHITE PAPER
Format: Adobe Acrobat (.pdf) (508 kb)
Length: 12 pages
Price: FREE

Overview:
The concept of Unified Access Control or Network Admission Control is being talked about a great deal within the information security and network architecture industries. Many manufacturers are proposing their point solutions and products help to better the security posture of traditional network-based paradigms by repositioning traditional solutions like remote-access technology and applying it to the internal LAN environment. One can hardly read anything about network architecture or information security without at least a passing mention of “de-perimeterization” or “re-perimeterization”. The problem with all of these discussions and announcements is that no one, to date, has really defined the depth and breadth of the pitfalls with current architectures and how these new solutions may solve them. No one has defined what a unified access control network is, how it should work, why it is superior or even attempted to give us a common lexicon to discuss any of these issues.

Why Traditional Security has Failed

If it weren’t for the advent of distributed computing and its culmination into the Internet, the world of information security would be a sparsely populated field of study, limited primarily to physical-security and user-management specialists. It was only with the dissemination of information and processing power that today’s security concerns have arisen. This constantly changing and evolving security dilemma has resulted in the reactivity that has been the hallmark of the information security industry. The primary drivers behind these issues are the difference between perceived risk and actual risk, the lack of extensibility of information security solutions, the complexity of modern business systems and their interaction, and the fact that security decisions tend to be made in the vacuum of “pure security” without contemplating the whole of the system.

Unified Access and Application Delivery Methodology

The critical security flaw in today’s network design is simple; it wasn’t designed to be
The unified access and application delivery methodology (UAADM) revolves around, not the network per se, but how the network is used to connect users and the applications they need, the context with which that access is requested and granted and the security profiles that accompany the context and the resource being accessed. This methodology design breaks the process into three distinct constituent parts: Access Contexts, Resource Networks and a Unified Access and Application Delivery Controller (UAADC).