Skip to main content
GetanehMosie
GetanehMosie
New Member
September 8, 2021
Question

SIEM & NAC

  • September 8, 2021
  • 2 replies
  • 1208 views
Hi all,
can anybody tell me why I need NAC when I have SIEM solution?

    2 replies

    premchanderr
    Staff & Editor
    premchanderr
    Staff & Editor
    November 14, 2023

    Hi @GetanehMosie ,

    NAC controls network access, ensuring secure entry. SIEM monitors and responds to security incidents through log analysis. Both are crucial: NAC for access control, SIEM for incident detection and response, enhancing overall cybersecurity. 

      Secusaurus
      Secusaurus
      Contributor III
      December 6, 2023

      Hi GetanehMosie,

       

      I think, Prem nailed it pretty well. Just to have another point of view for this:

      NAC is in the area of prevention (disallowing the "wrong" devices to connect to the network at all) and a SIEM is in the area of detection.

      So, with NAC, you can prevent the initial access, a SIEM won't help here. If an attacker has access already, however, a NAC won't help, but a SIEM could uncovering the attacker's traces.

       

      Best,

      Christian

      NSE8 | Fortinet Advanced MSSP Partner
      Terms & ConditionsAccessibility statement