Splunk Lantern

Network access control data

 

Network access control (NAC) data refers to the information generated, collected, or enforced by systems that manage and monitor which users, devices, or systems are permitted to connect to and communicate over a network. Most data points will include a timestamp, device, user, and action. It can also include the network, connection status, reason for an action, compliance status, applicable policy, and session start and end time. This data is used for access management and policy enforcement, which supports security, compliance, and operational visibility.

Network access control data is event-driven and comes from the following:

  • Authentication events
  • Access denied/quarantine events
  • Network admission control logs
  • Policy enforcement actions
  • Connection attempts and results
  • Session activity
  • Network segmentation changes

Network access is managed by network infrastructure, such as firewalls, routers, switches, VPNs, and security groups.
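
The fields and event types described above, parsed from constructed events and reduced to a short list of devices to review. This is an added example, not Splunk's code; the key=value layout, the field names and the deny threshold of 3 are assumptions made for illustration.

```python
import shlex
from collections import defaultdict
from datetime import datetime

# Constructed sample events in a hypothetical key=value layout; real NAC
# products use their own formats and field names.
SAMPLE_LOG = '''\
ts=2024-05-01T08:00:00 device=aa:bb:cc:00:00:01 user=alice action=allow network=corp status=connected policy=employee compliance=compliant
ts=2024-05-01T08:01:10 device=aa:bb:cc:00:00:02 user=bob action=deny network=corp status=rejected reason="bad credentials" policy=employee
ts=2024-05-01T08:01:40 device=aa:bb:cc:00:00:02 user=bob action=deny network=corp status=rejected reason="bad credentials" policy=employee
ts=2024-05-01T08:02:05 device=aa:bb:cc:00:00:02 user=bob action=deny network=corp status=rejected reason="bad credentials" policy=employee
ts=2024-05-01T08:05:00 device=aa:bb:cc:00:00:03 user=carol action=quarantine network=guest status=restricted reason="missing patches" policy=byod compliance=noncompliant
ts=2024-05-01T09:30:00 device=aa:bb:cc:00:00:01 user=alice action=session_end network=corp session_start=2024-05-01T08:00:00 session_end=2024-05-01T09:30:00
'''

REQUIRED = ("ts", "device", "user", "action")  # fields most events carry

def parse_event(line):
    """Turn one key=value line into a dict; reject lines missing core fields."""
    fields = dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)
    missing = [k for k in REQUIRED if k not in fields]
    if missing:
        raise ValueError(f"missing fields: {missing}")
    fields["ts"] = datetime.fromisoformat(fields["ts"])
    return fields

def session_seconds(event):
    """Session length when both start and end are present, else None."""
    if "session_start" in event and "session_end" in event:
        start = datetime.fromisoformat(event["session_start"])
        end = datetime.fromisoformat(event["session_end"])
        return (end - start).total_seconds()
    return None

def review_queue(events, deny_threshold=3):
    """Devices to review: any quarantine, or repeated denies for one device."""
    denies, flagged = defaultdict(int), {}
    for e in events:
        if e["action"] == "quarantine":
            flagged[e["device"]] = f"quarantined: {e.get('reason', 'no reason logged')}"
        elif e["action"] == "deny":
            denies[e["device"]] += 1
            if denies[e["device"]] >= deny_threshold:
                flagged.setdefault(e["device"], f"{denies[e['device']]} denied attempts")
    return flagged

EVENTS = [parse_event(l) for l in SAMPLE_LOG.splitlines() if l.strip()]
```
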

Before looking at documentation for specific data sources, review the Splunk Docs information on general data ingestion: