802.1x-based NAC

* A strong interest in 802.1x authentication will feed into the network-based, identity driven model of NAC

A recent poll at a Gartner security conference indicates strong interest in 802.1x authentication that will feed into the network-based, identity driven model of NAC.

The poll was taken at a session on NAC and had 84 respondents, a small sample, but one with a demonstrable interest in NAC.

The result was that half those responding planned to implement 802.1x by 2011, up from the 13% that have it implemented today. If that sample is representative of businesses at large, that will be a boost for network-based NAC.

Such NAC implementations link 802.1x port authentication with the identity of the user and the configuration posture of the endpoint to make access decisions. The standards-based technology also defines how to periodically re-authenticate to ensure that the device still warrants access.

One hindrance to deploying 802.1x-based NAC is that it requires support in both the client and access devices such as switches and access points. Few businesses would go to the expense of upgrading to 802.1x in their switches for NAC alone (Compare NAC products), so widespread adoption of that form of NAC will be slow. When businesses refresh their switches that is the likely time they will upgrade to 802.1x, so the transition will likely be slow.

That will give vendors time to make implementing 802.1x simpler, something that is needed if it is to proliferate because users register that its complexity is a hindrance to their adopting it.

Despite its 50% result, Gartner predicts the actual adoption rate of 802.1x for wired networks will be 70% by 2011. It bases this on the belief that 802.1x implementation will be made simpler and that demand for NAC to control access of guest PCs will continue grow.

Gartner analysts Lawrence Orans and John Pescatore say in their report “Findings: Wired 802.11x Adoption Rates on the Rise” say they have seen large and very large 802.1x deployments that when publicized and shown successful, will lead to a wave of other businesses committing to 802.1x.

From CSO: 7 security mistakes people make with their mobile device
Join the discussion
Be the first to comment on this article. Our Commenting Policies