New NAC allows SITA to make clean sweep

Centralised network access control allows recycling and waste management company to reduce policy compliance management to days rather than weeks

In a bid to enable centralised network access control (NAC) and policy compliance management in days versus weeks, and also boost business, SITA UK, a leading recycling and waste management company in the UK , has installed a family of NAC appliances across its locations.

In addition to traditional security issues, enterprises such as SITA UK face a steady influx of vulnerabilities introduced by contractors, guests and mobile/home employees who are able to bypass physical security and gain network connection inside the perimeter defences. 

The firm wanted to enforces network security policies across all managed and unmanaged network devices, including desktops and laptops as well as non-OS devices such as VoIP phones, handhelds and network printers, without the need for a software agent of any kind. The new NAC supports these aims.

Because the NAC is a clientless out-of-band solution, the total cost of deployment was less than anticipated. The new appliances plugged into the existing infrastructure without the need for upgrades or hardware changes. SITA also did not have to reinvest in standard network switches and routers and reported zero downtime during the implementation.

For Mike Carr, IT Security Manager at SITA UK , the addition of the CounterACT NAC appliances from ForeScout Technologies as part of the company’s security initiative is business-enabling.  He said, “As business demands grow, more users and more and diverse types of service devices are attaching to our network – from VoIP phones to closed circuit TVs.

“One of our key aims is to control this network access with high confidence that every user and service device complies with our security policies – and is productive − from the moment they connect. With [the new NAC], we have exceeded that requirement. [It’s] policy compliance engine helps us write and push policies tailored in real-time to address issues arising in our dynamic network. As a result, every device in every location on our network is identified and examined in real-time, and every deviation from policy is caught and addressed appropriately.”

Read more on CW500 and IT leadership skills