Title : 
Enhancement and Implementation of Network Access Control Architecture for Virtualization Environments
         
        
            Author : 
Annuar, Hairil ; Shanmugam, Bharanidharan ; Ahmad, Ayaz ; Idris, Norbik Bashah ; Albakri, Sameer Hasan ; Samy, Ganthan Narayana
         
        
            Author_Institution : 
Adv. Inf. Sch., Univ. of Technol., Kuala Lumpur, Malaysia
         
        
        
        
        
        
            Abstract : 
The demand for protecting the enterprise network infrastructure from network security threats has shown an increase in recent years. Therefore, a security enforcement mechanism for the network is required to protect the network against the threats especially from internal. Generally, staffs and visitors that use their computer everywhere could bring a threat as it escape from the protective measures imposed by an organization. Therefore, it is necessary to secure enterprise network from being compromised by using endpoint security solution. Network Access Control (NAC) is capable to provide solution for determining the integrity of endpoints which serve as a basis for trustworthy communication. However, literature review reveals several types of NAC architecture that have been implemented by solution providers such as CISCO NAC and Microsoft NAP employs proprietary standard and the deployment method used is not comprehensive. In addition, previous architecture only complies with one of the NAC characteristic such as in-band or out-band, managed or unmanaged LAN, agent or agentless, pre-admission or postadmission and limited OS support. Hence, this study will focus on reviewing all those NAC architecture as a baseline to produce an enhanced NAC architecture which can cater for all NAC characteristics. The results shows that proposed NAC architecture which is combination of all the NAC characteristics can effectively control the network access by endpoint device. This proposed NAC architecture maybe useful as a basis for reference not only for researchers in this field but also for network administrator. It is necessary to review the NAC architecture from time to time to ensure that the security is remain intact.
         
        
            Keywords : 
authorisation; business data processing; computer network security; local area networks; operating systems (computers); virtualisation; CISCO NAC; Microsoft NAP; endpoint integrity; endpoint security solution; enterprise network infrastructure protection; information technology; limited OS support; managed LAN; network access control architecture enhancement; network security threats; security enforcement mechanism; trustworthy communication; unmanaged LAN; virtualization; Access control; Browsers; Computer architecture; Databases; Organizations; Servers; access control; network; security;
         
        
        
        
            Conference_Titel : 
Informatics and Creative Multimedia (ICICM), 2013 International Conference on
         
        
            Conference_Location : 
Kuala Lumpur
         
        
        
            DOI : 
10.1109/ICICM.2013.68