Gartner defines network access control (NAC) as technologies that enable organizations to implement policies for controlling access to corporate infrastructure by both user-oriented devices and Internet of Things (IoT) devices. Policies may be based on authentication, endpoint configuration (posture) or users' role/identity. NAC can also implement postconnect policies based on integration with other security products. For example, NAC could enforce a policy to contain the endpoint based on an alert from a SIEM. An organization should evaluate the following capabilities: • Device visibility/profiling • Access control • Security posture check • Guest management • Bidirectional integration with other security products.