What is a key feature of Agent-Based NAC?

A key feature of Agent-Based Network Access Control (NAC) is that it utilizes a small installed program, often referred to as an "agent," on client systems to monitor and enforce security policies. This agent allows the NAC system to gather real-time health and compliance data from those systems, sending reports to a centralized console for analysis and decision-making.

This setup enables the NAC to perform various functions such as assessing the security posture of the device, ensuring that it meets organization-defined policies before granting or denying network access. The agent can also facilitate automated remediation, for example, by triggering security updates or software installations if a device is found to be non-compliant.

In contrast, another choice suggests that NAC performs health checks on external systems without specifying the role of an installed program, which is not the primary focus of Agent-Based NAC. Additionally, there are options that mention operation without installed software or limiting connections to pre-approved systems, which do not accurately represent the functionality of an Agent-Based NAC that relies on installed agents for active monitoring and reporting.