Enhancement of network access control architecture with virtualization

H. Annuar, B. Shanmugam, A. Ahmad, N.B. Idris, S.H. Al Bakri, Ganthan Narayana Samy

Research output: Chapter in Book/Report/Conference proceedingConference Paper published in ProceedingsResearchpeer-review

Abstract

The demand for protecting the enterprise network infrastructure from network security threats has shown an increase in recent years. Therefore, a security enforcement mechanism for the network is required to protect the network against the threats especially from internal. Generally, staffs and visitors that use their computer everywhere could bring a threat as it escape from the protective measures imposed by an organization. Therefore, it is necessary to secure enterprise network from being compromised by using endpoint security solution. Network Access Control (NAC) is capable to provide solution for determining the integrity of endpoints which serve as a basis for trustworthy communication. However, literature review reveals several types of NAC architecture that have been implemented by solution providers such as CISCO NAC and Microsoft NAP employs proprietary standard and the deployment method used is not comprehensive. In addition, previous architecture only complies with one of the NAC characteristic such as in-band or out-band, managed or unmanaged LAN, agent or agentless, pre-admission or postadmission and limited OS support. Hence, this study will focus on reviewing all those NAC architecture as a baseline to produce an enhanced NAC architecture which can cater for all NAC characteristics. The results shows that proposed NAC architecture which is combination of all the NAC characteristics can effectively control the network access by endpoint device. This proposed NAC architecture maybe useful as a basis for reference not only for researchers in this field but also for network administrator. It is necessary to review the NAC architecture from time to time to ensure that the security is remain intact.
Original languageEnglish
Title of host publicationProceedings - 2013 International Conference on Informatics and Creative Multimedia, ICICM 2013
PublisherIEEE, Institute of Electrical and Electronics Engineers
Pages314-320
Number of pages7
ISBN (Print)978-076955133-3
DOIs
Publication statusPublished - 2013
Externally publishedYes
Event2013 International Conference on Informatics and Creative Multimedia - Kuala Lumpur, Malaysia
Duration: 4 Sep 20136 Sep 2013

Conference

Conference2013 International Conference on Informatics and Creative Multimedia
Abbreviated titleICICM 2013
Period4/09/136/09/13

Fingerprint

Access control
Virtualization
Network security
Local area networks
Industry
Communication

Cite this

Annuar, H., Shanmugam, B., Ahmad, A., Idris, N. B., Al Bakri, S. H., & Samy, G. N. (2013). Enhancement of network access control architecture with virtualization. In Proceedings - 2013 International Conference on Informatics and Creative Multimedia, ICICM 2013 (pp. 314-320). [6702831] IEEE, Institute of Electrical and Electronics Engineers. https://doi.org/10.1109/ICICM.2013.68
Annuar, H. ; Shanmugam, B. ; Ahmad, A. ; Idris, N.B. ; Al Bakri, S.H. ; Samy, Ganthan Narayana. / Enhancement of network access control architecture with virtualization. Proceedings - 2013 International Conference on Informatics and Creative Multimedia, ICICM 2013. IEEE, Institute of Electrical and Electronics Engineers, 2013. pp. 314-320
@inproceedings{6ce260f4c40047df9d9da41c0b937921,
title = "Enhancement of network access control architecture with virtualization",
abstract = "The demand for protecting the enterprise network infrastructure from network security threats has shown an increase in recent years. Therefore, a security enforcement mechanism for the network is required to protect the network against the threats especially from internal. Generally, staffs and visitors that use their computer everywhere could bring a threat as it escape from the protective measures imposed by an organization. Therefore, it is necessary to secure enterprise network from being compromised by using endpoint security solution. Network Access Control (NAC) is capable to provide solution for determining the integrity of endpoints which serve as a basis for trustworthy communication. However, literature review reveals several types of NAC architecture that have been implemented by solution providers such as CISCO NAC and Microsoft NAP employs proprietary standard and the deployment method used is not comprehensive. In addition, previous architecture only complies with one of the NAC characteristic such as in-band or out-band, managed or unmanaged LAN, agent or agentless, pre-admission or postadmission and limited OS support. Hence, this study will focus on reviewing all those NAC architecture as a baseline to produce an enhanced NAC architecture which can cater for all NAC characteristics. The results shows that proposed NAC architecture which is combination of all the NAC characteristics can effectively control the network access by endpoint device. This proposed NAC architecture maybe useful as a basis for reference not only for researchers in this field but also for network administrator. It is necessary to review the NAC architecture from time to time to ensure that the security is remain intact.",
keywords = "Access control, Network, Security, Industry, Information science, Network architecture, Networks (circuits), Enterprise networks, Network access control, Network administrator, Proprietary standards, Protective measures, Security enforcement mechanisms, Solution providers, Network security",
author = "H. Annuar and B. Shanmugam and A. Ahmad and N.B. Idris and {Al Bakri}, S.H. and Samy, {Ganthan Narayana}",
year = "2013",
doi = "10.1109/ICICM.2013.68",
language = "English",
isbn = "978-076955133-3",
pages = "314--320",
booktitle = "Proceedings - 2013 International Conference on Informatics and Creative Multimedia, ICICM 2013",
publisher = "IEEE, Institute of Electrical and Electronics Engineers",
address = "United States",

}

Annuar, H, Shanmugam, B, Ahmad, A, Idris, NB, Al Bakri, SH & Samy, GN 2013, Enhancement of network access control architecture with virtualization. in Proceedings - 2013 International Conference on Informatics and Creative Multimedia, ICICM 2013., 6702831, IEEE, Institute of Electrical and Electronics Engineers, pp. 314-320, 2013 International Conference on Informatics and Creative Multimedia, 4/09/13. https://doi.org/10.1109/ICICM.2013.68

Enhancement of network access control architecture with virtualization. / Annuar, H.; Shanmugam, B.; Ahmad, A.; Idris, N.B.; Al Bakri, S.H.; Samy, Ganthan Narayana.

Proceedings - 2013 International Conference on Informatics and Creative Multimedia, ICICM 2013. IEEE, Institute of Electrical and Electronics Engineers, 2013. p. 314-320 6702831.

Research output: Chapter in Book/Report/Conference proceedingConference Paper published in ProceedingsResearchpeer-review

TY - GEN

T1 - Enhancement of network access control architecture with virtualization

AU - Annuar, H.

AU - Shanmugam, B.

AU - Ahmad, A.

AU - Idris, N.B.

AU - Al Bakri, S.H.

AU - Samy, Ganthan Narayana

PY - 2013

Y1 - 2013

N2 - The demand for protecting the enterprise network infrastructure from network security threats has shown an increase in recent years. Therefore, a security enforcement mechanism for the network is required to protect the network against the threats especially from internal. Generally, staffs and visitors that use their computer everywhere could bring a threat as it escape from the protective measures imposed by an organization. Therefore, it is necessary to secure enterprise network from being compromised by using endpoint security solution. Network Access Control (NAC) is capable to provide solution for determining the integrity of endpoints which serve as a basis for trustworthy communication. However, literature review reveals several types of NAC architecture that have been implemented by solution providers such as CISCO NAC and Microsoft NAP employs proprietary standard and the deployment method used is not comprehensive. In addition, previous architecture only complies with one of the NAC characteristic such as in-band or out-band, managed or unmanaged LAN, agent or agentless, pre-admission or postadmission and limited OS support. Hence, this study will focus on reviewing all those NAC architecture as a baseline to produce an enhanced NAC architecture which can cater for all NAC characteristics. The results shows that proposed NAC architecture which is combination of all the NAC characteristics can effectively control the network access by endpoint device. This proposed NAC architecture maybe useful as a basis for reference not only for researchers in this field but also for network administrator. It is necessary to review the NAC architecture from time to time to ensure that the security is remain intact.

AB - The demand for protecting the enterprise network infrastructure from network security threats has shown an increase in recent years. Therefore, a security enforcement mechanism for the network is required to protect the network against the threats especially from internal. Generally, staffs and visitors that use their computer everywhere could bring a threat as it escape from the protective measures imposed by an organization. Therefore, it is necessary to secure enterprise network from being compromised by using endpoint security solution. Network Access Control (NAC) is capable to provide solution for determining the integrity of endpoints which serve as a basis for trustworthy communication. However, literature review reveals several types of NAC architecture that have been implemented by solution providers such as CISCO NAC and Microsoft NAP employs proprietary standard and the deployment method used is not comprehensive. In addition, previous architecture only complies with one of the NAC characteristic such as in-band or out-band, managed or unmanaged LAN, agent or agentless, pre-admission or postadmission and limited OS support. Hence, this study will focus on reviewing all those NAC architecture as a baseline to produce an enhanced NAC architecture which can cater for all NAC characteristics. The results shows that proposed NAC architecture which is combination of all the NAC characteristics can effectively control the network access by endpoint device. This proposed NAC architecture maybe useful as a basis for reference not only for researchers in this field but also for network administrator. It is necessary to review the NAC architecture from time to time to ensure that the security is remain intact.

KW - Access control

KW - Network

KW - Security

KW - Industry

KW - Information science

KW - Network architecture

KW - Networks (circuits)

KW - Enterprise networks

KW - Network access control

KW - Network administrator

KW - Proprietary standards

KW - Protective measures

KW - Security enforcement mechanisms

KW - Solution providers

KW - Network security

UR - https://www.scopus.com/inward/record.uri?eid=2-s2.0-84893653654&doi=10.1109%2fICICM.2013.68&partnerID=40&md5=64846d816d5c32cf3b5c25372f85d868

UR - http://www.proceedings.com/20858.html

U2 - 10.1109/ICICM.2013.68

DO - 10.1109/ICICM.2013.68

M3 - Conference Paper published in Proceedings

SN - 978-076955133-3

SP - 314

EP - 320

BT - Proceedings - 2013 International Conference on Informatics and Creative Multimedia, ICICM 2013

PB - IEEE, Institute of Electrical and Electronics Engineers

ER -

Annuar H, Shanmugam B, Ahmad A, Idris NB, Al Bakri SH, Samy GN. Enhancement of network access control architecture with virtualization. In Proceedings - 2013 International Conference on Informatics and Creative Multimedia, ICICM 2013. IEEE, Institute of Electrical and Electronics Engineers. 2013. p. 314-320. 6702831 https://doi.org/10.1109/ICICM.2013.68