Here is some insight from the CEO of one of the NAC appliance vendors, about who is buying NAC gear and what they go through before they shell out cash for it.

The businesses that are buying quickly fall into specific categories, the most interested being medical and education, according to Simon Khalaf, the president and CEO of Vernier Networks, which makes a NAC appliance.

These businesses buy, he says, because they have targeted security needs. For instance, medical networks need to make sure they comply with regulations about patient privacy. So they want to make sure that doctors, for instance - who have legitimate reasons to access patient data - only access sensitive information in a secure manner. That might mean making sure the laptop they use is secure or making sure they don't access information in a public area like a cafeteria.

Or in education, network executives face thousands of machines they don't own or control on the network and a user population prone to experimenting (some say hacking) to gain access rights that violate school security policies.

These types of organizations can see the immediate benefits of NAC appliances because they address a need without requiring massive network overhauls, Khalaf says.

The tougher sell has been major businesses that are looking to make NAC part of their network fabric to meet more generalized security requirements. These companies have been testing NAC gear one against the other for months in preparation for eventual deployment.

Now these businesses are finishing up their testing and about to buy, he says.

Look for announcements along these lines, because they can be instructive in two ways. First, it will mean that IT executives with jobs they probably want to hang on to have put those jobs on the line with their purchases.

And second, depending on how much information the customers will reveal about their decision-making, that can help narrow down which vendors others might put on their short lists.

Tim Greene is senior editor at Network World.