Short bio: Computer Scientist, FOSS supporter (read more)
Tux Machines (TM)-specific
Network access control (NAC) aims to unify endpoint security, system authentication, and security enforcement in a more intelligent network access solution than simple firewalls. NAC ensures that every workstation accessing the network conforms to a security policy and can take remedial actions on workstations if necessary. For example, NACs can check if a workstation has antivirus software installed and, if not, NAC will limit the workstation's access to the network. In some cases, if NAC is capable of remedial measures, it can force-install an antivirus program on the workstation so that it will conform to the security policy. Although NAC can improve the security of your environment, most commercial NACs cost several thousand dollars. However, using NAC does not need to be that expensive. PacketFence, a free open source NAC application, gives you the security of NAC for free.
By using PacketFence, you can be sure that all user workstations connect to your network will comply to your organization's network policy. You can easily restrict P2P services and track who owns a specific MAC address. In brief, PacketFence assures you that only authorized users and workstations have access to the network, and helps you track them.
For any NAC to work effectively, you must have a properly planned network security policy available in advance. You must identify possible sources of vulnerabilities and threats, actions that will be taken when such threats are detected, and ways to prevent unforeseen vulnerabilities and threats from recurring.