Abstract:
"Network access control is one of the most important topics in defending against cyberattacks
in order to keep business operations running and data safe. SMEs in Sri Lanka can be found in a variety of industries, including banking and finance, telecommunications, and healthcare.
Because of the information and data process, almost every type of these organizations has
become a key threat target.
Several problems were highlighted about network access control in Sri Lankan SMEs,
including a lack of expertise and information to correctly assess the NAC requirement, choose the appropriate solution, and evaluate the deployment. Furthermore, the industry lacks a comprehensive guideline developed specially for Network access control.
The research's major goal is to provide a cost-effective and efficient framework that addresses the highlighted challenges and assists SMEs in Sri Lanka in defending against cyber-attacks.
The designed framework is made up of four major components/phases that may be used
independently depending on the situation. The major components are requirement
identification and analysis, solution identification and planning, deployment and evaluation,
and incident detection and response. The framework has a straightforward structure and offers thorough instructions for making decisions, evaluating, identifying, and addressing difficulties
encountered during the deployment of a network access control system in an organization. The framework uses scoring methods to give the user with a cost-effective and efficient result.
The framework is purely focused on network access control and due to the user-friendly
structure, it can easily be used by non-technical personnel as well. As a future improvement, it can expand to other organisation types both local and worldwide.
"
