Traditionally network access control (NAC) has lacked endpoint assessment in its decision making. This lack of assessment can leave an enterprise's network vulnerable to malicious attacks. Trusted Computing Group (TCG) and IETF have defined an open architecture called Trusted network connect (TNC) to fill this gap. TNC, as part of its architectural components, includes integrity measurement collectors (IMCs) at network endpoints and integrity measurement verifiers (IMVs) at enterprise's network to evaluate and verify the endpoints against the enterprise policies before allowing network access.
This talk will cover: 1) What is end point assessment and why it is needed? 2) Why existing NAC technologies are missing end point assessment? 3) TNC architecture and how it can help with end point assessment? 4) What open source tools can be used to deploy TNC?