kNAC!

Presented at DEF CON 15 (2007), Aug. 3, 2007, 6 p.m. (50 minutes)

Network admission control (NAC), network access protection (NAP), network access control (NAC), and many other acronyms refer to a technology which aim to provide with access control verification before (and after) allowing an element to access the network. Unfortunately due to the lack of standardization, and the diversity of solutions, many (if not must) NAC solutions suffer form a multitude of weaknesses impacting the deployment, implementation and the overall protection they provide. The presentation examines various NAC solutions from leading vendors, highlight their weaknesses, and demonstrate how they can be bypassed. The presentation is an updated presentation, which includes new material, and new unpublished methods to bypass NAC solutions.


Presenters:

  • Ofir Arkin - CTO Insightix
    Ofir Arkin is the CTO of Insightix (http://www.insightix.com), leading the development of the next generation of IT infrastructure discovery, monitoring and network access control systems for enterprise networks. He holds more then 10 years of experience in data security research and management. He had consulted and worked for multinational companies in the financial, pharmaceutical and telecommunication sectors. Ofir is the author of a number of influential papers on information warfare, VoIP security, network discovery and network access control and lectures regularly at security conferences. Ofir is chair of the security research committee of the Voice Over IP Security Alliance (VoIPSA). Ofir is the founder of Sys-Security Group (http://www.sys-security.com), a computer security research group.

Links:

Similar Presentations: