Help
FortiSIEM Discussions
GetanehMosie
New Contributor

Created on ‎09-08-2021 05:43 AM

SIEM & NAC

Hi all,
can anybody tell me why I need NAC when I have SIEM solution?
597
0 Kudos
2 REPLIES 2
premchanderr
Staff
Staff

Created on ‎11-14-2023 08:39 AM

Hi @GetanehMosie ,

NAC controls network access, ensuring secure entry. SIEM monitors and responds to security incidents through log analysis. Both are crucial: NAC for access control, SIEM for incident detection and response, enhancing overall cybersecurity. 

Regards,
Prem Chander R
485
Secusaurus
Contributor II

Created on ‎12-06-2023 12:22 AM

Hi GetanehMosie,

 

I think, Prem nailed it pretty well. Just to have another point of view for this:

NAC is in the area of prevention (disallowing the "wrong" devices to connect to the network at all) and a SIEM is in the area of detection.

So, with NAC, you can prevent the initial access, a SIEM won't help here. If an attacker has access already, however, a NAC won't help, but a SIEM could uncovering the attacker's traces.

 

Best,

Christian

FCP & FCSS Security Operations | Fortinet Advanced Partner
FCP & FCSS Security Operations | Fortinet Advanced Partner
449
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.