Security Solutions
2-4
Customer Needs Assessment
Overview
To further protect your company and its network, you must evaluate your
company’s risk from endpoints as well as from users. Because endpoints are
oftentimes allowed onto the network without scrutiny, companies cannot
guarantee that each endpoint is virus free or running the latest patches for
security vulnerabilities. In addition, most companies have no way to check an
endpoint’s security settings to ensure, for example, that the browser settings
enforce a high level of security.
By implementing an endpoint integrity solution such as the ProCurve Network
Access Controller (NAC) 800, you can test endpoints before they are allowed
onto the network. You can then block endpoints that would introduce a
security weakness on your network. (For more information about endpoint
integrity, see Chapter 1: “Access Control Concepts.”)
The remainder of this chapter guides you through the process of identifying
your company’s needs for network access and evaluating your network. As
you move through each step in the process, keep in mind both business and
technical needs of your company. Your goal is to help users perform their jobs
while protecting the business interests of your company.
After completing this process, you will have gathered the information you
need to create a security policy for your company. (For more information
about creating a security policy, see Chapter 3: “Designing Access Controls.”)