Another NAC supplier closes its doors but is Cisco really to blame? On Wednesday, NAC start-up Lockdown Networks became yet another victim of the slower than predicted NAC market - like 
Caymas Systems (which shut down last year) and Vernier Systems (which reinvented itself as Autonomic Networks and is developing new technology to complement its Edgewall NAC appliances) - before it. Lockdown said it was unable to raise additional sufficient venture capital to continue, according to a story by Network World's Tim Greene. Computerworld security blogger Eric Ogren believes Cisco's presence in NAC leaves little room for smaller players. "When Cisco creates a market, it does not necessarily create a derivative market for private vendors. Even if you buy into the NAC concept, NAC has to be ubiquitous to be effective," according to Ogren.
"NAC is an infrastructure play - all the companies jumping on the NAC bandwagon really just didn't get it," he adds.
He believes that "there are only a couple of vendors that should be considered for NAC: Cisco and Microsoft. Cisco belongs because the network is a great place for gathering intelligence and enforcing operational policies; Microsoft because simplifying management of Windows endpoints is a responsibility they own."
Is the NAC market doomed to a choice of between just 2 giant vendors?
More from Cisco Subnet: More from Cisco Subnet: * Privacy breach insurance mitigates the risk of credit card, identity breaches Go to Cisco Subnet for more Cisco news, blogs, discussion forums, security alerts, book giveaways, and more. 20 useful sites for Cisco networking professionals Cisco Subnet's Top 20 Cisco Press books: How do you rate them? Network World's IT Buyer's Guide: Cisco products Subscribe to Network World's Cisco Alert, which includes a weekly digest of all Cisco Subnet items
* No love for central office techs
* Hackers hijacking routers and blackmailing firms to regain access
* Security wireless networks: Using the wireless network to monitor itself
* The CCNP $5,000 question
* March Giveaways: Win access to Tech 2000's CCNA Lab Simulator; win a copy of Cisco Networking Simplified, 2nd Edition
The Cisco Subnet blog is the official blog of the Network World Cisco Subnet community, managed by Editor Linda Leung. Cisco Subnet is the independent voice of Cisco customers and is your gateway to daily Cisco news, blogs, opinion, books, prize giveaways and more. Visit the Cisco Subnet home page daily and while you are there, subscribe to the Cisco Alert e-mail newsletter, which includes news and views generated by the Cisco Subnet community as well as Cisco-related stories on Network World and elsewhere on the Web.
(WAN community)
|
|
re: Another NAC vendor bites the dust
I think Eric Ogren has it all wrong - there is definitely room for smaller vendors in NAC. Just because a couple have gone belly-up doesn't spell doom and gloom for the rest. As for Cisco and Microsoft being the only viable options, I couldn't disagree more. The market needs alternatives to the big guys to drive innovation, price competition, etc. The shake-out of vendors like Lockdown, Vernier, and Caymas is just part of the natural evolution of a maturing market space.
The whole NAC category is niche and pointless
IMHO, NAC is a niche solution for specific vertical markets such as military / police. This space is not even big enough for Cisco, it would not be the first time that they walked away from a technology.
NAC is all about fixing failures in Windows, which MS will eventually include or fix itself. And in the next six months NAC is going to struggle with the release of WinXP SP3 and Vista SP1 which will probably break NAC clients everywhere.
You can't choose to ignore these either (by staying on XP SP2) because of all the security fixes.
The rise of MAC and Linux desktops means that the NAC development resources will be stretched to provide coverage and that will probably lead to a failure to take hold in the market.
NAC might work for some people, but it isn't going to work for most people. That means a non-viable market.
Exit NAC, stage left.
No one will miss it, the current solution is a mess and needs to be replaced with something else.
http://etherealmind.com
re: The whole NAC category is niche and pointless
Greg,
It's clear you know little about NAC. It's not "all about fixing failures in Windows" - far from it. NETWORK ACCESS CONTROL is all about controlling who and what gets on the network, what they're able to access or not access, and much more. Unfortunately you're not the only one with a limited understanding of what NAC is really about - and that is the challenge for NAC vendors right now. It's not that it's "pointless" but rather that all those like Lockdown and Vernier who jumped on the NAC bandwagon succeeded only in confusing the market.
NAC sucks resources and causes bad outcomes.
I do not fully subscribe to the view that Access Control is the answer. I believe that you are not asking the right QUESTION.
The current implementation of NAC completely removes innnovation and creativity from the user by denying choices and new features. This forces computing to stagnate and become hated within the business levels for its restrictiveness and and failure to adapt. We become reactive and unable to work with business.
This then feeds a cycle where Computers and IT is regarded as a negative impact and a cost, not a profit centre driving innovation and business growth.
Once this cycle starts the business stops funding IT correctly and then the user perception really drops into ugly. Not enough staff to fix problems, obsolete hardware and software, demoralized IT staff and so on. Tell me that this is not familiar ?
NAC should die to make way for a successor technology that is worth having.
http://etherealmind.com
Like all new technologies, the perception is the problem
NAC does not take freedom away from the end users. What it does take away is the ability of non-employees and disgruntled employees the ability to negatively impact the day to day operations of the network. If you start with actual access to the network itself, and layer the policies for corporate assets and applications, you get a much more secure network with less work in the long run.
On most corporate networks, you plug in a laptop or some type of smart device into any port in a cubicle or on the wall and the DHCP server gives you an IP address. Regardless of what or who that device is. That device is now on the network. That gives any device carte blanch to snoop around to see what is on the network.
By addressing the who and what as the connection is established, you can limit or deny access throughout the network before any possible breach could occur. Transversely, the "known" device is granted all the rights and access it needs to do the jobs it is on the network to provide. And with properly administered network policies in place, the user on that device cannot wander into areas that are not part of the employee's function. Plus, as most corporate network users know, you still need an endless amount of user names and passwords to access the particular assets on the network. But stopping the possible violator before it gets a chance to even probe the network can never be a bad thing.
So by doing very little work upfront, such as registering the MAC address of a device as it is deployed, the network becomes a more secure environment for the entire corporation. And with less "unknown" devices taking up company resources, you can actually enhance the ability of the network to supply the resources that are needed by the people and devices it is designed to serve in a much more efficient manner.
re:NAC sucks resources and causes bad outcomes
So, Greg…what is your stand on network security? From what I can see of your writing you obviously ARE NOT a security professional because nothing that you have said makes any sense. You must be one of those “programming winnies” always crying for admin access… “…removes innovation and creativity from the user by denying choices and new features…” WTF?! Oh, what is a "bad outcome"?
NAC fixing failures in WHAT?
I'm pretty accustomed to everyone blaming Microsoft for all their ills, but NAC has nothing to do with failures or shortcoming in Windows. In fact, I can clearly remember the first day I ever thought NAC was a good idea...
It was the day back in the Netware 3.11 times that someone plugged into the company network a machine with a customer -configured (read: misconfigured) NOVELL client, which then polluted the network with bad SAP broadcasts and effectively DOS'd the entire campus. I had to physically restrain my tech lead from ripping the machine out of the wall and hurling it toward the window.
Care to blame Windows for influenza and rhinovirus while you're at it?
Other NAC Vendors will offer a buy back
It would be silly for any other NAC vendor not to take up a buy back from Lockdown's fall. It's all for show and everyone knows that they are not going to give Lockdown customers full value for what they bought.
Lockdown is selling their technology and assets if Bradford is talking such a big game they should write a check and get their customers another way. This is a small NAC vendor cashing in on Lockdown's down fall and it's truly sad that they have to conduct to these types of tactics especially when their NAC offering is weak at best.
re: Other NAC Vendors will offer a buy back
The previous post sounds like a bitter ex-Lockdown employee or other Bradford competitor feeling the need to take (anonymous) cheap shots. I'm very familiar with Bradford's solution, and it's one of the best out there, so they have no need to acquire Lockdown's assets. As for the customer base, if Lockdown actually had many customers they would probably still be in business...
Lockdown is to blame they
Lockdown is to blame they did it to themselves. Mis-management would be my guess. It is strange that there CEO bailed prior to there going under.
They came in 3rd in the network world test. Cisco came in 12th and has a weak solution but, they basically give it to you if you buy switches. They have enough markup to be able to do this.
Bradford gave there 10th place solution to most of there customers so I don't think they are going to be a long term survivor.
It will be interesting to see how many can survive if the 3rd place company cannot stay afloat.
I think that it will come down to 3 or 4 companies offering NAC. Microsoft, Cisco, Juniper and HP. It needs to be a portfolio item and not the only thing.
http://www.secureaccesscentral.com/wordpress/?p=7.php