Federated Autonomic Network Access Control

Network Access Controls (NAC) are widely used to provide endpoint security typically complementing existing application-based security controls. NAC security mechanisms, for instance firewalls, are routinely prescribed as requirements for compliance to security standards such as PCIDSS and ISO 27000. However, the effectiveness of a NAC configuration may be hampered by poor understanding and/or management of the overall security configuration, which may in turn, unnecessarily expose the enterprise to known security threats. New threats and/or service requirements often result in firefighting by ad-hoc modification to an already large and complex configuration.