NetClarity sells NAC gear that until now blocked suspicious traffic in a mysterious way that somehow involved switches in the network, but all the company would say about it was: Patent pending.

Now the patent has been issued and the company is talking about how its gear talks to switches, via common line SSH or TELNET instructions to the switch.

This means that customers can enforce NAC policies using whatever switches they have in their networks. This is one of the issues businesses have when considering NAC. They don’t want to do the proverbial fork-lift upgrade in order to gain the benefits of NAC.

The company claims that this means installing its equipment can be a tenth or less the cost of some competitive NAC options.

The downside is there are a lot of switch models out there each with its own interfaces, so that depending on the switch, NetClarity might or might not have it baked into its NAC gear.

The company acknowledges this potential drawback and says it plans a plug-in builder for customers to write directions for their own particular switches. If customer-written plug-ins pass quality testing by NetClarity, they may then be submitted to a plug-in library free to other customers. Over time, this could eliminate the need for the plug-in writer.

The company also has plans to expand the enforcement options available when its equipment detects traffic that violates policies. Rather than just either block it or allow it, the equipment will be able to quarantine suspicious traffic as well.

Tim Greene is senior editor at Network World.