Solutions

Network Access Control Systems and Solutions

Network access control systems are tools used for controlling and managing network access based on compliance with a network and its policies. These policies are devised based on various parameters like user identity, device location, device health, among others.

The same philosophy is someone requiring a username and password to connect to your Network remotely via VPN, or use a Wifi Password or Domain Credentials present some sort of  Network Access Control. But what happens when you look at the Physical layer , what happens when someone brings their home computer and plugs it into the network or even worse an attacker plugs in?

NAC systems present an authentication layer on the physical port so only devices with a working AntiVirus and Windows patches and correct credentials will be presented on the company network. You can even present a two factor authentication to this incase the user details get compromised. If any of these tests fail they will be redirected to the Guest Networks

Systems that help managed this are HP's Aruba ClearPass or Cisco's ISE

Contact us today if you need a quote for a NAC system or the supporting of an existing one

LAPS – Local Administrator Password Solution

The problem with computers that come straight from an OEM or setup by users themselves is that sometimes they leave the original Local Administrator Account Password Blank. When this PC joins a domain as most PC's in business' do , this blank password is left as an exploitable security rish which is how UK renowned British Hacker Gary McKinnon infiltrated Nasa

Not only can someone access your PC remotely they can also :  

  • Install a keylogger to get the Domain Users or Administrator Password
  • Install Software to reverse engineer Cached Credentials 
  • Get immediiate access all the local FIles on the Computer
  • Get Users Saved Browser Passwords

 

LAPs is a solution provided by Microsoft , that when installed has a tiny client rolled out on each PC, that gets told by Group Policy to generate a random password. The password gets changed every 30 days and is unique for each computer. Even if the computer disconnects the domain for what ever reason your local AD will still have a record for the password

LAPS is easy to deploy, easy to manage and provides several security benefits… and it’s free available below

http://aka.ms/laps