- Simple but dreadful, part 2 – Network shares » »
- « « Best Practices – Even Dilbert know what they mean
NAC and DLP
I was reading a comment from Shimel mentioning that NAC technology is becoming more mature every day, as we can see more 3rd party products integration. He mentions the integration of a IPS system, what promptly made me wonder about another kind of security product: DLP.
Have anybody tried to integrate DLP and/or e-Discovery products with NAC? Can you imagine the possibilities? You can build a policy where workstations with protected/sensitive information stored have their connectivity restricted to reduce the chances of data loss. Your computer is free from protected information, you can browse the Internet with more freedom than that guy with sensitive files in his hard disk. I wonder if anyone from Symantec is trying to do that with Vontu and their Endpoint Protection suite.
You are exactly correct about aligning DLP and NAC – the secret is you must do it on the host so you have the contextual understanding of what the sensitive data is and what risk is being created by the users activity. A “Trust Verification Agent” linked with a DLP endpoint agent creates a light weight DLP/NAC solution and then integration with existing NAC solution offers an even richer value. If you find this interesting, read about Digital Guardian by Verdasys.
September 11, 2008 @ 1:14 pm