Network Access Control Flashcards
Jump server
Provides secure access to another system. A jump server (also jump host or bastion host) is a hardened computer system or server that provides secure access to other computers or systems. It is deployed in a screened subnet to provide an additional layer of security. A user accesses the jump server through a secure connection (SSH/VPN), then uses the jump server as a gateway to access other systems within the network. It can be used to enforce security policies and provide an audit trail of user activity.
NAC (network access control)
Evaluates endpoints for network access using agents. It evaluates endpoint connections prior to admission and enforces access privileges based on pre-admission and post-admission policies.
Proxy server
Filters and fetches/caches client requests. An intermediary machine between a client and a server, used to filter or fetch and cache requests made by the client. Can be single-purpose, supporting one protocol, or support multiple protocols.
Post admission policy
NAC policy that regulates and restricts access once the connection is allowed.
Rule based IDS engine
Analyzes behavior by validating it against a preconfigured set of rules.
IDS (intrusion detection system)
Analyzes and monitors network traffic. An intrusion detection system can analyze network traffic out of band: out-of-band placement utilizes a passive tap that receives a copy of the network traffic and can process samples. This only applies to NIDS (network-based intrusion detection/prevention system).
Heuristic
Intrusion detection system decision engine. The IDS uses a set of predefined rules and algorithms to identify anomalous behavior and patterns, which can be adapted and updated over time.