Upcoming Events

Executive conference

Cloud Connect March 16-18

Comprehensive thought leadership for executives, IT professionals and developers. Topics include: the ROI, cost and economics of on-demand computing; Migration strategies to move from on-premise to cloud-based IT; Vertical cloud specialization, tailoring features and architectures to specific applications, industries, and customer ecosystems

More Events »

Vendor Newsfeed

More Vendor Newsfeed »

Subscribe to Newsletter

  • Keep up with all of the latest news and analysis on the fast-moving IT industry with Network Computing newsletters.
Sign Up

NAC Vendors Vie Over Architecture, Product Direction

Posted by Richard Karpinski on January 26, 2007

The network access control (NAC) market has finally matured enough that vendors and users can at least agree on the baseline features and functionalities required to make up a NAC solution. On deck for 2007: the battle of NAC architectures, an expected standards shake-out; and plenty of vendor posturing, positioning and - more than likely - consolidation.

That was the story at Network Computing's NAC Forum event, held Thursday in San Jose, Calif. The event brought together NWC real-world IT analysts, leading NAC vendors and users that have both deployed NAC and those still in the evaluation phase. Even though NAC feature sets and technology approaches remain in flux, several users detailed early successes in rolling out NAC in their enterprises.

Key business drivers included improving remote and guest access to corporate networks; avoiding catastrophic attacks and vulnerabilities; and locking down security policies and practices for regulatory compliance.


Network access control (NAC) processes boil down to a repeating series of steps:
Monitor host
• Define/deploy policy
• Gather host posture
• Compare posture to policy
• Make access decision
• Enforce access decision
• (Repeat)
As for deploying NAC, the costs can be high both on the product side ($50 per desktop and up) as well as the operational side, including the need to not only create but administer new security policies, according to Fratto. As for product interoperability, Fratto said: "There's little interoperability today and no clear indication of interoperability in the future."

In the end, NAC offers tighter and more fine-grained access control, but stops short of application-level control. "It makes the attack surface somewhat smaller, but fundamentally the question remains 'what can a user access on the network?'"
Mike Fratto
Senior Technology Editor

Cedars-Sinai Medical Center has completed a NAC deployment using NAC gear from Vernier Networks to manage how a wide variety of devices access its corporate network, including not only computers, laptops and handhelds but net-enabled medical instruments such as heart monitors and even task-specific robots. "In looking for a NAC solution, it's important to keep things in perspective. NAC isn't a magic pill," said Mazen Abu-Hijley, director-networking for Cedars-Sinai. "From an operational perspective, we were looking for something that was easy to put in and allowed us to apply and monitor the policies we needed."

Page:   1   2   3  Next  »

Add Your Comment:

  Sponsored Links

Premium Content

Data Centers Gone Wild
February 22, 2010
NWC


Salary

Video

View All Videos

Most Popular

Stories Blogs

More Stories »

Whitepapers

More »

BlogRoll