Dana

NAC Plugins To Leverage MultiVendor Detection/Remediation

I believe there is a fundamental weakness in the concept of any one vendor supplying an enterprise with both NAC and End-Point Security, certainly as a far as malware detection/remediation is concerned.

Everyone agrees that the volume of malware is so high that no single vendor comes close to protecting against more than 60% or so, in many cases much, much less.

NAC is the perfect place to provide layered detection/remediation
I think we all subscribe to the incremental safety in layers concept. So I would suggest that NAC is the perfect opportunity to give enterprises a platform on which to build these incremental layers.

End-point security products are now so embedded in the OS that co-existence is a non-starter. What we have established with eSAC is an ultra-lightweight incremental malware scan. It takes less than a minute to download and run, around 15 seconds on second and subsequent execution. And because it is not deeply embedded in the OS (it is click and go) then it will happily co-exist with whatever end-point agents are installed.

NAC Plugins
I think NAC should provide an open plug-in capability to allow enterprises to easily deploy incremental scanners like eSAC/CSI from multiple vendors. This would allow enterprises to benefit from the collective detection/remediation capabilities of multiple vendors even if the window for layered active protection is closing or has already closed.

I can see why the larger vendors will fight this move from a self preservation point of view. But objectively it delivers a significant advantage that enterprises clearly need and want - better breadth and depth of protection and an open architecture that can deliver it.

I'd be keen to hear your thoughts on this.

Mel Morris
CEO
Prevx