Skip Links

Network World

  • Social Web 
  • Email 
  • Close

NAC's immaturity

Reasons experts have for choosing certain NAC appliances
Security: Network Access Control Alert By Tim Greene , Network World , 04/26/2007
Tim Greene
Sign up for this newsletter now!

Senior Editor Tim Greene clarifies issues surrounding the evolving NAC security architecture.

  • Share/Email
  • Comment
  • Print

The sometimes simple reasons network security experts use to justify which NAC scheme they choose are signs of NAC’s immaturity.

One recent NAC customer - a university - chose a particular NAC appliance over a network-based NAC architecture for one reason: price. Upgrading switches to support NAC would simply cost too much.

Another customer, also a university, chose its NAC vendor because the product required no software be installed on end-users’ machines. With an enormous transient student population that starts fresh each fall, the school wanted to avoid the burden of installing and supporting software on all those machines.

Universities represent a prime NAC market precisely because they have so many transient workers that come and go as part of the user community and who also travel from building to building and campus to campus.

They have a broad exposure to potentially infected machines, and like many small businesses, many universities are strapped for cash so they are forced into inexpensive answers to their problems. Appliances meet the requirements on that score.

These appliances with no client software are limited, though, in what they can do. The thoroughness of their endpoint inspections are less than products that do use client software.

But because the clientless gear meets specific burning needs, they win customers and are useful to them. That doesn’t mean the customers wouldn’t like more from the products, it just means they recognize the gear is worth the price for the functions they perform now. This same rationale applies not just to universities but also to businesses that have targeted needs and limited budgets.

As endpoint-checking gear becomes more ubiquitous through other security or operating system products, these problems will disappear. When NAC grows up a little more, more customers will be able to reap greater benefits from it.

Tim Greene is senior editor at Network World.

  • Share/Email
  • Comment
  • Print
Partner Content

Brilliantly simple security and control solutions for email, web and endpoint

www.sophos.com

Stopping data leakage

Learn how to exploit your current security investment to control the information that flows into, through and out of your network.

Download the white paper.

Why detection rates aren't enough

Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.

Download the white paper.

Applications: taking back control

Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.

Learn more today.

Comments (1)
Login
Forgot your account info?

Re: NAC's immaturityBy Anonymous on April 30, 2007, 1:11 pmAre you serious? What about cost justified risk mitigation? What about the players in the market? What about how some of these technologies work? What about good...

Reply | Read entire comment

View all comments

Add comment
Anonymous comments subject to approval. Register here for member benefits.
Have a NetworkWorld account? Log in here. Register now for a free account.

Videos

rssRss Feed
Get instant email notification when white papers, webcasts, executive guides are added to our library. Stay informed and up-to-date with the latest on IT Technologies with Network World's Resource Alerts.
Network World,to go. Wherever you are. Breaking news delivered to your mobile device. Select the hottest topics in networking and start receiving Network World on your mobile device today.