Look to NetMotion to add NAC to its wireless VPN gear later this year.

The NAC product will be part of a software upgrade for its Mobility XE platform that will add NAC scanning capabilities to the Mobility client.

The software will scan wireless devices before they are admitted to network resources. The scan will check that virus software is turned on and updated, operating systems are patched, antispyware is installed and running, URL filters are working and the like.

The platform as it stands today consists of the client software that runs on Windows hosts and a server that proxies a VPN link between the end device and the network. The server also maintains sessions with the wireless devices as they pass from access point to access point. So when devices pass from one to another, sessions pick up where they left off without losing data and without requiring the end user to log in again.

The Mobility server already includes a policy engine for authentication and assigning access rights based on criteria based on Layer 2 to 7 parameters. This same engine will be used to decide whether a device passes NAC muster and what resources it should gain access to.

With NAC added to the mix of Mobility XE functionality, network security experts can tack on an extra layer of protection beyond what is provided by NetMotion’s VPN.

The functionality is just for wireless devices, so it will still be necessary to install a supplemental NAC system for wired access if controlling LAN devices is required.

Tim Greene is senior editor at Network World.