NeoAccel is introducing a NAC appliance that will allow a device onto a network but then block if from running unauthorized applications.

Called NAM-Plus, the appliance performs a pre-admission scan of devices as they log in to the network. If they pass, the device applies a preset security policy to the device via client software downloaded at the start of the session.

The client software can enforce blacklisting certain applications so they are blocked at run time, or it can whitelist applications. So if the client has a policy to disallow instant messaging, it will block it. Applications not specifically addressed in the policy can be referred to the NAM-Plus policy engine for resolution or to a network administrator.

This differs from the method used by some other NAC appliance vendors whose gear blocks unauthorized applications when they attempt to cross the network. With NAM-Plus, a portion of what would otherwise be unauthorized traffic never gets generated. But this also means another client on end devices that customers have to worry about.

This is NeoAccel’s first entry into NAC. It indicates, at the very least, that NAC is still considered hot enough to be drawing new competitors into the arena. The market will be mature when competitors start disappearing, but that won’t be for a couple of years yet.

The device comes in three models ranging from $3,000 to $15,000 for the hardware, plus user licenses. The $3,000 box with 100 user licenses costs $15,000. They will be available at the end of February.

Tim Greene is senior editor at Network World.