Network Access Control (NAC) for Enterprise IoT

Managing multiple devices in one network can be difficult – but it doesn’t have to be

Traditional networks contain a wide range of devices (computers, access points, switches and so on) that all connect to the network and are typically managed through Microsoft’s Active Directory (AD) Domain Services. Managing authorization and network access control is not easy given the number and variety of devices: consider the variance in operating systems, hardware and so on across the nodes in the network. Adding a Bring Your Own Device (BYOD) model for short-term employees and contractors compounds these challenges further.

Challenges can be complex when adding IoT devices into the mix

Adding IoT devices to a corporate network raises more complex challenges, as these devices can be very different from traditional user devices and switches. One of the most obvious challenges is the sheer scale of IoT devices that will connect. For example, in a hospital the number of connected medical devices could be four to five times larger than the number of traditional computers and printers.

Another major challenge is security: how can CIOs and system administrators trust the devices connecting to their networks? Typical IoT devices are “headless”, meaning they have no user input or GUI, which makes it difficult to apply traditional enterprise Network Access Control mechanisms to them.

KeyScaler provides a solution for device identity, integration and automation

  • Device registration whitelisting – authorizing specific devices to register into the network
  • Simple onboarding of devices without human intervention
  • Automated PKI lifecycle management
  • Automated Password Management – Centralized service for managing passwords on devices in the network
  • Microsoft Windows Active Directory integration for seamless integration with customer workflows
  • Secure soft storage - for devices that don’t have hardware protection like TPM (Trusted Platform Module) to store credentials
  • Connectors to Enterprise HSMs and CAs
    • HSMs – nCipher Security nShield and Gemalto SafeNet
    • CAs - Sectigo, DigiCert and HID Global
  • Partner ecosystem, easy integration
    • IoT Solutions require multi-vendor products with easy integration hooks

