Protection of enterprise data assets is best controlled through granular identity-based access control policy enforcement – before, during, and after a user is granted access to the network. Critical data resides in multiple places and is accessed by various users in different locations, so having per-user, location-independent policies is essential. Additionally, persistent access control policy enforcement should prevent unauthorized users from even “seeing” network, system and application resources for which they should not be accessing.
Effective access control policy enforcement goes beyond the point at which a user connects to the network and continues to validate access is appropriate and authorized.
Additionally, integrating access control policy decisions with policy enforcement eases administration and complexity compared to approaches that rely on managed switches or other third party devices for policy enforcement and threat containment.
Leave a Reply
You must be logged in to post a comment.