Fixed-scope project
Scoped SoW, fixed price, fixed timeline. All four services available in this model.
01 — Services
What we do.
Four services. Five platforms. One implementation discipline. Each service is scoped, priced, and delivered against a written statement of work — no open-ended consulting.
01 — New NAC deployments
Implementation
Design, deploy, and integrate Network Access Control into existing network fabric. From RFP through production hand-over.
Typical engagement: 8–16 weeks. Typical size: mid-to-large enterprise.
What's included
Assessment
Current-state audit, gap analysis, architecture design.
Pilot
Validated design on one site or segment before full rollout.
Rollout
Phased deployment with integration to AD, firewall, SIEM.
Hand-over
Runbooks, Tier-2 training, 30-day post-deployment tuning.
02 — Fix broken deployments
Troubleshooting
For organisations with an existing NAC deployment that isn't working as intended. We diagnose using the R-P-Po-V-E-A framework.
Typical engagement: 2–6 weeks. Works across all five platforms.
What's included
RADIUS · Profile
Confirm supplicant reaches RADIUS; devices are profiled.
Policy · VLAN
Verify right policy matches; right VLAN is returned.
Enforce · Audit
Enforcement point honours VLAN; logs exist for review.
Remediation plan
Prioritised fix list with owner and ETA per item.
03 — Prepare for regulatory review
Audit readiness
NAC controls prepared for ISO 27001, PCI DSS, RBI supervisory review, and IT-ACT 43A audits using the PVESIC framework.
Typical engagement: 4–8 weeks. Deliverable: audit evidence pack.
What's included
Policy · Visibility
Network policy documented; device inventory verified.
Enforcement · Segregation
Enforcement proven in logs; segmentation aligns with risk.
Incident · Change
IR playbooks in place; change management audit trail intact.
Evidence pack
Single consolidated bundle for the auditor.
04 — Choose the right platform
Vendor selection
For organisations about to invest in a new NAC platform. Vendor-agnostic evaluation — no kickbacks, no preferred vendor.
Typical engagement: 2–4 weeks. Deliverable: selection matrix + TCO.
What's included
Requirements mapping
Your environment mapped against NAC capability dimensions.
Cross-platform scoring
All five platforms scored on your weighted criteria.
TCO projection
Three-year cost projection including licences and integration.
Recommendation
Written, justified, defensible to CISO and finance.
05 — Engagement models
Most common
For ongoing needs
For specific questions
How we work.
Three ways to engage Pavak.
Retainer
Monthly hours committed, rolled to next month if unused. Good for troubleshooting support or continuous audit readiness.
Hourly advisory
Senior advisory at an hourly rate with a 4-hour minimum. No commitment, no retainer.