NAC (Network Access Control) is a security solution that restricts network access to authorized, policy-compliant devices. Before a device is allowed onto the network, NAC checks criteria such as a valid certificate, current patch level, active antivirus, and membership in the corporate inventory. Devices that fail the check are placed in a quarantine VLAN with limited access. NAC commonly builds on the IEEE 802.1X standard. For your ISMS, NAC is an effective control to prevent unknown or insecure devices from accessing corporate resources.