What can NAC do for you now?

Test of 30 products shows benefits, limitations of existing Cisco- and standards-based NAC schemes

With a virtual lock on the Ethernet switching market, any enterprise IT manager has to consider Cisco’s product line as at least one NAC options.

With a virtual lock on the Ethernet switching market, any enterprise IT manager has to consider Cisco’s product line as at least one network-access control option.

But how does a Cisco-controlled NAC deployment hold up against the more industry standards-based one offered up by the Trusted Network Connect (TNC) working group of the Trusted Computing Group (TCG) and backed by Cisco competitor Juniper Networks?

How we set up Cisco NAC

We conducted the industry’s largest public test of available NAC products, and found that for very simple NAC tricks, either architecture will do. In both cases, once you step out of the world of Windows clients, IT personnel will be pushing the bleeding edge of security technology, and need to be prepared for a longer-than-normal testing and deployment schedule.

How we set up TCG-TNC NAC

However, for more complex NAC deployments where you’ve got to incorporate policies for guest users and agentless devices like PDAs and printers, the combination of Cisco’s range of NAC-ready infrastructure gear and its marketing muscle that has corralled more vendors to play its version of the NAC game, serves up a more mature, fleshed out ecosystem for implementing advanced NAC configurations than the thinner rendition available from TCG/TNC partners.

Snyder is a senior partner at Opus One, a consulting firm in Tucson, Ariz. He can be reached at Joel.Snyder@opus1.com.

NW Lab Alliance

Snyder is also a member of the Network World Lab Alliance, a cooperative of the premier reviewers in the network industry each bringing to bear years of practical experience on every review. For more Lab Alliance information, including what it takes to become a member, go to www.networkworld.com/alliance.

See other stories in this package:

NAC authentication with XP clients is a snap

NAC enforcement tools fall short

Cisco, TCG deliver on basic end point security

NAC management can be a headache

Learn more about this topic

Clear Choice Test: Largest public review of NAC products

Does a good SSL VPN provide good NAC?

Why Vista is missing from NAC landscape?

NAC all-in-one test on the horizon

Test methodology

NAC Buyer's Guide

Join the Network World communities on Facebook and LinkedIn to comment on topics that are top of mind.

Copyright © 2007 IDG Communications, Inc.

SD-WAN buyers guide: Key questions to ask vendors (and yourself)