By Seth (not verified) on Thu, 11/15/2007 - 11:54am.
I believe posture checking is a valuable service, but would never have proposed that this is the initial and foremost reason behind Network Access Control deployments. As the name suggests, our customers have predominantly selected NAC products for identify-based access control.
This compartmentalizing of access becomes necessary as devices become more mobile within the enterprise, whether wired or wireless, and network administrators can no longer use port segmentation and ACLs tied to VLANs, since different types of users/devices could access the same port.
Keep in mind, Cisco purchased Perfigo in 2004 to launch a network access control product. This implies that a market was already forming, with several vendors helping to fulfill market requirements.
Posture checking, like identity, location, schedule, device-type, authentication method, etc is just a criteria for developing a network access control policy. As networks and endpoints advance, other criteria will be added to policy creation as necessary.
Seth Goldhammer
Dir Product Management, NAC
TippingPoint
The Leader in Network Knowledge
Posture checking was never initial reason behind NAC
I believe posture checking is a valuable service, but would never have proposed that this is the initial and foremost reason behind Network Access Control deployments. As the name suggests, our customers have predominantly selected NAC products for identify-based access control.
This compartmentalizing of access becomes necessary as devices become more mobile within the enterprise, whether wired or wireless, and network administrators can no longer use port segmentation and ACLs tied to VLANs, since different types of users/devices could access the same port.
Keep in mind, Cisco purchased Perfigo in 2004 to launch a network access control product. This implies that a market was already forming, with several vendors helping to fulfill market requirements.
Posture checking, like identity, location, schedule, device-type, authentication method, etc is just a criteria for developing a network access control policy. As networks and endpoints advance, other criteria will be added to policy creation as necessary.
Seth Goldhammer
Dir Product Management, NAC
TippingPoint