Networking

12:00 PM
Connect Directly
Twitter
LinkedIn
Google+
RSS
E-Mail
50%
50%

Sneak Peek At Our Third Annual NAC Reader Survey

Our readers say the network access control market has lost much of the momentum it had last year. But don't count it out just yet.

NAC buyers and sellers are circling one another warily, awaiting the opportune moment to make a move. On the supply side, we expect vendor consolidation this year. Meanwhile, enterprises are evaluating network access control's ability to help in compliance efforts--without lost productivity or connectivity. Those are just a few conclusions drawn from our third annual survey on NAC. We received 702 total responses; final results reflect only participants involved in the decision-making process. These 471 business technology pros are interested in access control, but leery of its cost and complexity.

Even though standards as a whole evoked yawns, we saw increased interest in frameworks from Cisco Systems and Microsoft, two companies that already enjoy strong enterprise ties. Yet the NAC market boasts no fewer than 20 vendors, many of them startups, all vying for business worth $225 million in 2006, according to Gartner. That's not enough to go around, apparently--Caymas Systems closed its doors in 2007, and Lockdown Networks went bust in March. Vernier Networks, aka Autonomic Networks, is looking to get out of the NAC market.

InformationWeek Reports

Slowing sales aren't the whole story. The number of companies deploying NAC is down 50% from 2007, when we first asked the question. This represents a fairly typical cycle: Early adopters rush to deploy, followed by a slowdown as more conservative organizations appraise their options. The economy likely also plays a role. In a recent InformationWeek Research survey of 374 business technology professionals, 57% said their budgets are under pressure.

The news isn't all bad for NAC--more than half of respondents are evaluating or planning to deploy--yet we were interested to see that of companies with no NAC plans, 55% based that decision on concern that NAC won't improve their security stances or live up to promises. This represents a reality check: NAC is no silver bullet, and information security professionals realize that a host that passes inspection when it logs on to the network may later become malicious. More important, NAC solves a very small subset of security problems, and success depends on the architecture. In-band products tend to focus on granular network access control and application monitoring, while out-of-band systems are better at host assessment and deciding who gains admission to the network.

Chart: Is Your Organization Deploying NAC?
An even larger concern, cited by 66% of respondents not planning to deploy NAC, is productivity impact. Given the raison d'etre of NAC--disrupting network connectivity--this is a valid worry. You certainly don't want staff spending hours manually overriding access for users. In response, NAC vendors have developed fairly flexible policy-development features so IT can balance automated access control with reasonable limits. From a features standpoint, the ability to quickly and easily recover a quarantined computer or override host status varies greatly based on enforcement method.

Finally, 65% of those deploying, planning to deploy, or evaluating say it's very important that a NAC device failure doesn't compromise network resiliency. Depending on how the access control product is implemented, different methods for ensuring continuous throughput are used. In-band devices, for example, should be able to participate in Layer 2 resiliency functions in an active or passive manner, while in out-of-band setups, where the NAC appliance is the Radius or DHCP server, a combination of appliance redundancy and switch features that use multiple servers can do the trick.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Hot Topics
14
White-Box Switches: Are You Ready?
Tom Hollingsworth 7/28/2014
10
Fall IT Events: On The Road Again With 10 Top Picks
James M. Connolly, Editor in Chief, The Enterprise Cloud Site,  7/29/2014
7
Understanding IPv6: Link-Local 'Magic'
Denise Fishburne, Cisco Champion,  7/24/2014
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Slideshows
Twitter Feed