Manualshelf

Security Solutions

ManualsBrandsHP ManualsSoftwareHP ProCurve Access Control Client Software
11121314151617181920
1-4
Access Control Concepts
Introduction to Access Control
Eliminates frustrations created by piecemeal solutions—A well-
designed, centrally administered network access control solution mini-
mizes the number of passwords that users must enter throughout the day.
Ideally, the solution begins to control the user’s access as soon as he or
she connects to the network and continues to do so without further user
interaction.
This solution design guide focuses on network access control as the first front
in securing your organizations resources.
Network Access Control
Network access control is the process of controlling who has access to which
network resources under what conditions (the time, location, and means of
access).
An access control security policy addresses these questions:
Who should access the network?
What data, services, and other resources on the network should these
users access?
What conditions should alter the level of access granted to a
particular user?
It is easy to think of network access control in terms of the first question only
and to answer that question in a simplistic fashion: “I want to allow the good
guys in and keep the bad guys out.” But, of course, users do not split neatly
into “good guys” and “bad guys,” and attacks do not always originate from the
outside.
You can more usefully think of access control as granting many different types
of users—employees, both temporary and permanent; guests; and custom-
ers—the level of access that is appropriate to their needs.
For example, it is appropriate for doctors and nurses in a hospital to access
patient records; they need those records to do their jobs. Receptionists at the
front desk, on the other hand, do not require such access, so the network
should not give it to them. However, the receptionists should, quite appropri-
ately, have access to other network resources (such as appointment databases
and scheduling software). And the only resource appropriate for patients and
visitors might be the Internet and the hospital’s public Web site.