Cloud Security|Cloud computing offers advantages over building and maintaining private data centers including flexibility, reduced maintenance and operations costs and the ability to employ lower powered, lower priced personal computers.
Enterprises are fed up with agents on their endpoints - very fed up. Part of the reason is that the more agents on an endpoint, the more demanding the task of maintaining them. Another part is the complaints that flood the help desk when something goes wrong, or doesn't go wrong yet an agent degrades performance of the endpoint.
Recently a network security consultant told the story of one of his clients who dumped the vendor that supplied a 300,000-seat antivirus software deployment. Why? Because every time the antivirus agent would update its signatures, it would download a completely new image of the library, not just the changes that had taken place since the last time.
That slowed down performance of the machines being updated every single day, generating complaints from end users. So many, in fact, that the situation signaled the death knell for that vendor in that account. Software from the replacement vendor updates only the changes.
This state of affairs is bad news for NAC vendors that rely on agents, not that they slow things down with constant updates, but that they represent just one more agent to clutter up desktops and the lives of desktop administrators.
Hence the attractiveness of agentless NAC that checks out endpoints from the outside or sends down agents on the fly without demands for maintenance.
This is also good for NAP, Microsoft’s version of NAC, because one key component of NAP is the agent that comes with Vista clients and will be included in XP Service Pack 3.
As the security consultant says, it doesn’t matter how late Microsoft is with NAP, it’s going to be welcomed by a large number of businesses trying to streamline desktop operations.
Tim Greene is senior editor at Network World.
Rss FeedRss Feed
The Leader in Network Knowledge
Comments (5)
This is really a general software problem...By Dan Clark on March 11, 2008, 6:28 pmThis seems to indicate that customers are fed up with bad software, not agents per se. The example cited was an antivirus product with a brain-dead approach to...
Reply | Read entire comment
Blogs like nactalk.lockdownnetworks.comBy Robert B on March 12, 2008, 11:01 amDoes anyone else find vendor blogs like nactalk.lockdownnetworks.com a little troubling? They appear as a neutral blog discussing a topic, except they only contain...
Reply | Read entire comment
Can't live with them, can't live with themBy Alan Shimel on March 13, 2008, 9:56 amI guess that is true of agents in general and not just NAC agents. The problem is no matter how appealing there are times you just can't get it done without an agent....
Reply | Read entire comment
What NAC is right for me?By Anonymous on March 18, 2008, 10:54 pmSo many NAC vendors are claiming to have a agentless solution but the blocking mechanism is too much of a high risk, some are creating ACL's to the switching infrastructure...
Reply | Read entire comment
Lockdown NetworksBy Anonymous on March 21, 2008, 8:34 amIt would be nice to know that Lockdown Networks has seized operations as of March 18, 2008 so this is no longer a viable solution.
Reply | Read entire comment
View all comments