- Mythbuster busts his own tale
- 10 open source companies to watch
- Sony recalls 73,000 Vaio laptops
- Tool to evade China's Web censorship
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
Network access control promised a much-anticipated, multi-faceted set of tools that could check endpoints for compliance, fix machines that flunked, define and enforce user access rights, and monitor user activity to assure continued compliance.
So, why are most NAC deployments targeted at the most basic task of keeping guest users off the corporate network?
Read how NAC secures U.N. agency
See slideshow on What is confusing about NAC.
Read the transcript from a live chat debate between security gurus Joel Snyder and Richard Stiennon. On July 22 they argued the merits of NAC with Snyder defending NAC
and Stiennon dissing it.
Plus, read an earlier chat with Snyder on NAC.
The short answer: NAC turned out be far more difficult to roll out across a large enterprise than customers imagined.
"It was supposed to be what people have been looking for - the weaving together of infrastructure and security," says Yankee Group analyst Phil Hochmuth. "It turned out to be a lot harder than anyone thought it would be. A lot of stuff didn't work or wasn't delivered for a long time."
Forrester analyst Rob Whitely says NAC's reputation has taken a beating of late perhaps because users misunderstood the complexities of deploying it successfully. Businesses installed NAC appliances for guest access then tried to expand to screening for security compliance and controlling access for all managed corporate endpoints, he says. That increased the load on the NAC machines to the point where the gear can't handle it.
"Now you're probably spending more time and energy retrofitting your environment than you ever did on the initial deployment," Whiteley says.
Of course, NAC isn't an all-or-nothing proposition. There are plenty of useful things that companies can do with NAC that fall between guest access on one end of the spectrum and a full-out deployment that takes advantage of all of NAC's capabilities.
"Companies are beginning to get a little more savvy about how they approach network access control and as a result they're getting out what they put in," Whiteley says.
In fact, Gartner predicts that sales of NAC gear will double this year. Gartner's long-term view is that sales of NAC-specific products will continue to increase in 2009 and 2010, then flatten out and begin to decline as other NAC options - installing it on endpoints, embedding it in switches, servers and computer operating systems - start to take hold as the preferred methods of deploying the technology.
Rss FeedRss Feed
Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
The ROI and TCO Benefits of Data Deduplication for Data Protection in the EnterpriseThis paper examines and quantifies the costs and benefits of backup with deduplication storage as...
Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
We have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (10)
Article is unclearBy Anonymous Badshah on July 22, 2008, 6:45 pmIncreasingly and unfortunately, Tim's article are becoming a clutter of disjoin pieces of info/quotes. It seems he picks up a few word from what he hear from cold...
Reply | Read entire comment
Tim Greene no expertBy Anonymous on July 22, 2008, 5:52 pmHow come you don't read any Gartner NAC references?
Reply | Read entire comment
comment is unclearBy nealw on July 22, 2008, 4:57 pmI think if you re-read the story, you'll see that Tim did not cold call any sales reps. He did talk to enterprise NAC customers and key industry analysts, however.
Reply | Read entire comment
60000 nodes in 90 daysBy Anonymous on July 22, 2008, 1:51 pmSophos did it with the one of the largest customers in the world. Ask why Sophos deployments are 100% successful.
Reply | Read entire comment
But there is a difference! By stiennon on July 22, 2008, 11:11 amYou wrap up your column by referring to Firewalls, IPS, and VPNs as technologies that businesses rely on. There is a huge difference between those successful technologies...
Reply | Read entire comment
View all comments