- 4chan hell raisers finding fame brings heat?
- The 10 dumbest mistakes network managers make
- NetApp quits bidding war in face of EMC opposition
- CompuServe closes after 30 years
- Google to launch open-source Chrome OS this year
Of businesses that already use NAC in combination with antivirus software, more than a third suffer malware attacks anyway, according to a survey funded by Symantec.
Based on results of questioning 300 people who attended InfoSecurity 2007, 82% said they use NAC in combination with antivirus software, and 36% said their networks became infected with malware anyway.
This result indicates what is commonly accepted about NAC, that it isn’t the only security networks need to block malware. It is a risk-mitigation measure because it can identify machines less likely to be infected and allow only those onto the network. But as the result shows, that doesn’t mean they aren’t infected.
Those who had implemented NAC were asked the main reasons for doing so, and were allowed to respond to more than one choice. The top three chosen were preventing unauthorized users from getting on the network (80%); preventing data loss (66%); and enforcing security and access policies (61%).
More than half (55%) of the respondents already have NAC of some sort installed in their networks, and 31% say they are not interested in NAC.
These NAC users were also asked what other technologies they required to interoperate with NAC, and 98% chose other security software. Three other technologies mentioned were virtual desktops (53%); printers and peripherals (51%); and mobile gear (47%).
The top three reasons businesses hadn’t deployed NAC were that it cost too much (35%); it was incompatible with the network or operating systems (27%); and it was too disruptive to the network and to the organization as a whole (20%).
Asked where they thought NAC was best enforced, 63% said on the network; and 37% said on the endpoint. Each choice included a qualifying statement. Part of the network question said, “It’s better to rely on the network’s own security features to prevent attacks and damage.” The endpoint choice included, “It’s better to evaluate and remediate devices before they connect to the network.”
When asked “what frustrations, if any, have you had in implementing or managing” NAC, an astounding 86% said “none.” Based on reports about product testing done by professionals and on anecdotes from NAC customers, it’s hard to believe so many found no frustrations.
Tim Greene is senior editor at Network World.
The Leader in Network Knowledge
Comments (2)
Nothing Really New or Useful HereBy Dana Hendrickson on October 16, 2007, 10:46 pmThis is just one more in a steady stream of articles about NAC surveys with useless data and uncritical analysis. Instead of railing on this website about the worthlessness...
Reply | Read entire comment
RE: It takes more than NAC to block malwareBy domwilde on October 16, 2007, 6:25 pmInteresting stats here that validate the fact that NAC has to evolve into a more holistic approach than just endpoint posture checking. An approach that we have...
Reply | Read entire comment
View all comments