External and internal security: how to strike the perfect balance.

4 reasons why you should invest in Network Access Control

Remember the Mirai botnet, first found in 2016? Mirai scans the internet for the IP addresses of IoT devices, installs itself on those that are vulnerable, and then uses them to carry out distributed denial-of-service (DDoS) attacks. These attacks left several high-profile websites, such as Twitter, Reddit, Netflix and Airbnb, inaccessible.

The abovementioned example is just one out of many. Despite the amount of money spent on IT security each year, businesses around the world still experience data leaks and security breaches. It’s a fact that companies often only rely on traditional, external security measures, such as firewalls, VPNs, anti-virus or anti-spyware. Today – partly because of IoT and BYOD – there’s a strong growth in users, devices and machines connecting to the networks of businesses. What’s more, the network itself is becoming extremely complex, resulting in networks and organizations being exposed to possible attacks more than ever before. This is why a balance between external and internal network security should be established.

External network security is not enough

Traditional external network security solutions such as firewalls and VPNs have become commodities.

Firewall

A firewall protects your confidential information from those not authorized to access it and protects against malicious users and accidents that originate outside your network. Next-gen firewalls, the third generation of firewalls, allow mail gateway and data leak protection, but only to the outside. Firewalls thus don’t control who connects ‘behind’ them, i.e. from the company’s private network, and that is something Network Access Control can do.

VPN

A VPN is mainly used to connect in a secure and encrypted way to the resources of the company and keeps your private activity really private, whether you’re browsing at home, at the office or via mobile. But without Network Access Control, you can’t check if the remote PC is authorized, up to date with the correct software and antivirus or corresponds to a PC controlled and secured by the company.

In the end, there is still room for threats to the inside of your organization, which range from cyberattacks and social engineering to downloading malicious internet content and information leakage. Attacks via Bluetooth, a flash drive or a wireless mouse are also common. These threats don’t necessarily originate from the inside of your organization: they can be carried out outside your company’s building or via a hotspot for mobile users. External network security is thus not sufficient, and a balance between external and internal network security is needed.

Fill in the gap

To fill these gaps, third-generation Network Access Control (NAC) products entered the market a few years ago. In contrast to previous NAC generations, they are specifically designed to ensure better security when it comes to BYOD and IoT. NAC is a security solution that controls access to your network. NAC products give visibility into the devices connected to the network, providing information to security admins about suspicious behavior. Connection requests are intercepted, then authenticated against a designated identity and access management system. Access for employees or outsiders is denied or granted, based on a set of parameters and policies programmed in the system.
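The decision flow described above (intercept the request, authenticate it, then grant or deny access by policy) can be sketched as follows. This is an added example, not code from any NAC product: the identity store, MAC inventories, segment names and the 7-day antivirus threshold are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional, Tuple

# Constructed data standing in for the identity and access management system
# and for the device inventory a NAC product would build through profiling.
IDENTITIES = {"alice": "staff", "guest-42": "guest"}
MANAGED_MACS = {"aa:bb:cc:00:00:01"}   # company-controlled PCs
IOT_MACS = {"aa:bb:cc:00:00:99"}       # profiled sensors (e.g. smoke detectors)
MAX_AV_AGE_DAYS = 7                    # assumed policy parameter

@dataclass
class Request:
    mac: str
    user: Optional[str]          # None for headless devices
    av_updated: Optional[date]   # last antivirus signature update, if reported
    os_patched: bool

def decide(req: Request, today: date) -> Tuple[str, str]:
    """Return (action, network segment) for one intercepted connection request."""
    mac = req.mac.lower()
    if req.user is None:
        # Headless device: only profiled IoT devices connect, and only to
        # the area of the network reserved for them.
        return ("allow", "iot") if mac in IOT_MACS else ("deny", "none")
    role = IDENTITIES.get(req.user)
    if role is None:
        return ("deny", "none")            # authentication failed
    if role == "guest":
        return ("allow", "guest")          # outsiders stay on an isolated segment
    # Posture check: is the PC up to date with the correct software and antivirus?
    av_fresh = (req.av_updated is not None
                and (today - req.av_updated).days <= MAX_AV_AGE_DAYS)
    if not (av_fresh and req.os_patched):
        return ("quarantine", "remediation")
    # Healthy staff device: company-managed PCs and BYOD get different access.
    return ("allow", "corporate") if mac in MANAGED_MACS else ("allow", "byod")

if __name__ == "__main__":
    today = date(2024, 1, 15)  # constructed sample requests below
    samples = [
        Request("AA:BB:CC:00:00:01", "alice", date(2024, 1, 12), True),
        Request("de:ad:be:ef:00:01", "alice", date(2023, 12, 1), True),
        Request("aa:bb:cc:00:00:99", None, None, False),
        Request("de:ad:be:ef:00:02", "mallory", date(2024, 1, 14), True),
    ]
    for s in samples:
        print(s.mac, s.user, "->", decide(s, today))
```

In this sketch a MAC address is only a profiling hint: staff access depends on the identity lookup and the posture check, and an unknown headless device is denied by default.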

Not convinced yet? We’ve summed up 4 reasons why you should also secure your network internally, through Network Access Control.

4 reasons why you should invest in Network Access Control

1. NAC results in unified management. NAC simplifies key tasks for network and security administrators. By setting automated controls and remediation processes, NAC solutions provide the opportunity to effectively implement network security policies, resulting in unified management.
2. NAC makes BYOD work. BYOD policies can be very beneficial for businesses because they increase worker flexibility and productivity, but they expose your company to a number of threats, within and outside the company. NAC safeguards networks from unmanaged devices, using a mixture of policy management, profiling, and access control.
3. NAC addresses the IoT. The Internet of Things refers to the rapidly growing network of connected objects that are able to collect and exchange data using embedded sensors, such as air quality sensors or fire or smart smoke detectors. Thanks to NAC you can see when IoT devices are connecting and transmitting data over the network. It also controls the areas of the network that they can access.
4. NAC integrates with existing infrastructure. NAC solutions integrate easily and share essential data with other security systems. They even use the alerts from integrated systems to formulate a better response to threats or changes in network status.

Time to take a closer look at your network?

Don’t hesitate to ask our expert for advice.

We’re happy to help you on your way towards a safer, more reliable network with our Aruba NAC solutions, with professional advice, unbiased recommendations and future-proof technology.

Benoît Morin, Consultant, System Solutions