The DORA Regulation (Digital Operational Resilience Act) introduces new standards for operational resilience in the financial and ICT sectors. Its goal is to ensure that organizations using information technology are prepared to manage risks associated with cyberattacks and disruptions in the supply chain.

The protection and prevention measures highlighted in Article 9 of the regulation require entities to implement appropriate security tools, such as:

• Deploying automated mechanisms to isolate informational resources in the event of cyberattacks;
• Using solutions to minimize the risk of unauthorized access;
• Implementing policies to restrict physical or logical access to informational and ICT resources.

In the context of meeting these requirements, Network Access Control (NAC) systems play a crucial role, enabling precise control over access to infrastructure.
The ICT sector’s supply chain is a complex ecosystem involving diverse service and technology providers. Each of these providers has the potential to become a weak link in the security chain. A lack of control over who and how access to infrastructure is granted creates risks of unauthorized access, data leaks, or the introduction of malicious software. The DORA Regulation emphasizes risk management related to suppliers, requiring solutions that effectively monitor and control network access. Implementing a NAC solution allows organizations to meet these demands.

How Does NACVIEW Work?

NACVIEW is an advanced NAC that provides:

• Precise access control: The system identifies all devices and users in the network, including external suppliers, and assigns them appropriate permission levels.
• Integration with IPS/IDS systems: Through integration with network traffic analysis systems, NACVIEW enables immediate response to potential threats.
• Network segmentation: Suppliers can access only selected resources, minimizing the risk of security breaches in other parts of the infrastructure.
• Full regulatory compliance: NACVIEW helps organizations document activities related to access control, a crucial aspect of DORA’s reporting requirements.

Key Benefits of Implementing NACVIEW:

1. Enhanced network security: Eliminates the risk of unauthorized access through strict supplier control.
2. Regulatory compliance: NACVIEW helps organizations meet the stringent requirements of the DORA Regulation while ensuring operational continuity.
3. Transparency and control: Provides detailed insights into the activity of suppliers and users, simplifying risk management in the supply chain.
4. Reduced impact of potential incidents: The ability to quickly isolate at-risk devices or users prevents the spread of problems within the network.

In the era of digitalization, where ICT infrastructure security is the foundation of operational activities, systems like NACVIEW play a critical role. By enabling precise management of network access, organizations can not only meet the requirements of the DORA Regulation but also effectively protect their resources and data from threats. Implementing such solutions is not just about regulatory compliance; it is an investment in security and operational stability.

Recently, cybersecurity specialists discovered a critical vulnerability in the RADIUS protocol (CVE-2024-3596), which enables Man-in-the-Middle attacks. This vulnerability allows an attacker to modify RADIUS packets, potentially leading to unauthorized access to network devices and services. The issue affects all RADIUS implementations using unencrypted authentication methods (e.g., PAP, CHAP, MS-CHAPv2) over UDP communication. 

Network device manufacturers are responding to this vulnerability by introducing a series of updates in their products. New software versions enforce validation of the message-authenticator attribute and reject RADIUS responses with unrecognized proxy-state attributes.

To secure your network, it is recommended to implement TLS or IPSec protocols, which prevent such threats. It is also worth noting that the 802.1X (EAP) standard is not susceptible to this vulnerability, making it a safe and recommended method.

Network administrators are advised to deploy available updates and switch to encrypted authentication methods wherever possible. Additionally, monitoring RADIUS traffic for unusual activities can help quickly detect any attack attempts. This issue particularly affects networks that send RADIUS traffic over the Internet.

NACVIEW system already has an appropriate patch implemented to fully cooperate with various network devices, ensuring compliance with the latest security requirements and protection against the BlastRADIUS vulnerability.

Fast and efficient communication between IT systems, devices, and users is very important. To achieve this, integration with SMS gateways is often used. It is essential that the system allows integration with various gateways available on the market, as is the case with the NACVIEW system. In the new version 2.3.20, support for Yeastar and Plus MultiInfo gateways has been added.

Currently, the NACVIEW system can seamlessly integrate with the following gateways:

• GSMService
• SMSAPI
• SmsEagle
• Afilnet
• aspsms
• Clickatell
• IntelliSMS
• nexmo
• NowSMS
• swisscom
• HostedSMS
• SerwerSMS
• OVH SMS
• Multiinfo
• Yeastar

Thanks to the integration of NACVIEW with various SMS gateways, it is possible to send alarms and notifications to network administrators, send information about newly created guest accounts in the Captive Portal, or use OTP functionality to confirm VPN sessions for users connecting to the network.

Integration between security systems is crucial in providing ZTNA (Zero Trust Network Access). It improves customer company network resilience by providing centralized monitoring, streamlined workflows, improved threat detection, faster incident response, enhanced scalability and flexibility.

That is why one of the parts of developing the NACVIEW system is to empower it with the ability to integrate with solutions used by our current and future customers.

Tests with Stormshield firewall proved that there are many possibilities of integration:

One-Time Password (OTP) Authentication for VPN connections (Stormshield VPN Client)

To enable it Stormshield must be configured in NACVIEW as a network device. The second condition is that the user has the Stormshield VPN Client. The first stage of verifying the user’s identity is checking his credentials in the local NACVIEW database or an external one, e.g. Active Directory. If the login and password are correct, the account is active and the resource is properly configured, the second stage of validation takes place. NACVIEW sends the user an SMS with a verification code, or the code from the NACVIEW Google Authenticator or Google Authenticator app is used which must be entered into the Stormshield VPN Client. After correct verification of the code and its validity, access to specific network resources is granted.

Automatic response for incident alerts received from Stormshield.

To enable it syslog sending must be configured between Stormshield (sender) and NACVIEW (receiver) and rules (events definitions) must be configured. That integration enables organizations to detect and mitigate security threats more effectively and maintain a secure network environment. Potentially dangerous devices could be easily traced in the company network and afterward, quarantine those devices and alert notifications to the security administrator or the Security Operations Center (SOC) personnel, providing them with real-time information about the detected threat.

Stormshield can also issue a “rating” for a given computer/user, and integration via API empowers NACVIEW to quarantine noncompliant devices based on their rating.

If you would like to test more possible integration, write to us on https://community.nacview.com/

NAC – Network Access Control solutions rely on switch functionality to enforce access policies in the company network. When a device connects to a switch port, the switch communicates with the NAC system to determine whether the device is compliant with security policies. This is why switches play a crucial role in the NAC implementation in the customer environment. Among the required switch functionalities is the support of authentication mechanisms such as IEEE 802.1X and MAB (MAC Authentication Bypass) to provide access enforcement, as well as support of SNMP, and SSH to provide real-time monitoring. 

Over the last few years, NACVIEW has been implemented in almost every industry. It allowed us to cooperate with a wide range of network devices’ suppliers. As an independent NAC vendor (not a manufacturer of a specific brand), we put a great effort into providing our customers with freedom of choice by letting them decide which switches best suit their needs and by creating integration and smooth support for all possible brands.

Recent implementations on the German market allowed us to configure NACVIEW with MICROSENS switches. MICROSENS is a popular supplier operating in four business areas: Enterprise Networks, Industrial Solutions, Optical Transmission, and Smart Building Solutions.

An example MICROSENS switch configuration can be found in the NACVIEW documentation at: https://docs.nacview.com/en/Device-Configuration/Microsens/Microsens-G6

If you are looking for a switch configuration, please contact our support team or start a discussion on the NACVIEW Community.