What should happen to users and devices that fail NAC policies?

Expert Peter Wood reviews how to deal with employees and devices that don't pass NAC policies.

What should be done with users and any malware-infected devices that violate NAC policies
This has to be partly an HR question! From the user perspective, if your network access control (NAC) policies are mentioned in your acceptable use policy, and your users have been made aware of this policy and the consequences of non-compliance, then the user's manager and your HR people would have to decide on appropriate action. Organizations may choose to immediately lock out or quarantine a non-compliant device, or they may offer a grace period for remediation in order to keep resources up and running, for example.

From the device perspective, it is always best to erase the device and rebuild it from scratch, unless you are certain that your disinfection tools have completely removed the malware.

This was last published in August 2009

Read more on Endpoint security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.






  • How do I size a UPS unit?

    Your data center UPS sizing needs are dependent on a variety of factors. Develop configurations and determine the estimated UPS ...

  • How to enhance FTP server security

    If you still use FTP servers in your organization, use IP address whitelists, login restrictions and data encryption -- and just ...

  • 3 ways to approach cloud bursting

    With different cloud bursting techniques and tools from Amazon, Zerto, VMware and Oracle, admins can bolster cloud connections ...