FortiSIEM Discussions
GetanehMosie
New Contributor

SIEM & NAC

Hi all,
can anybody tell me why I need NAC when I have SIEM solution?
2 REPLIES 2
premchanderr
Staff
Staff

Hi @GetanehMosie ,

NAC controls network access, ensuring secure entry. SIEM monitors and responds to security incidents through log analysis. Both are crucial: NAC for access control, SIEM for incident detection and response, enhancing overall cybersecurity. 

Regards,
Prem Chander R
Secusaurus
Contributor

Hi GetanehMosie,

 

I think, Prem nailed it pretty well. Just to have another point of view for this:

NAC is in the area of prevention (disallowing the "wrong" devices to connect to the network at all) and a SIEM is in the area of detection.

So, with NAC, you can prevent the initial access, a SIEM won't help here. If an attacker has access already, however, a NAC won't help, but a SIEM could uncovering the attacker's traces.

 

Best,

Christian

FCP & FCSS Security Operations | Fortinet Advanced Partner
FCP & FCSS Security Operations | Fortinet Advanced Partner