Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

NAC: More Is More: Page 2 of 13

"NAC is expensive, but worth it," says an information management expert at a federal government agency who asked to remain anonymous.

He wasn't totally positive, however, mainly because he had to use NAC products from more than one vendor. "There was no single solution that would do everything we wanted," the info management pro says. "And the two products we use aren't interoperable." To work around this situation, he uses a separate product for each application--some users must log out, then log in again when moving between e-mail and productivity applications.

For NAC vendors, the prevailing message from our readers is "make these products play nicely together, and hurry up about it."

"We've been evaluating NAC products since 2004, but they're a year behind what we need. Once the products could do what we needed, we'd moved on," says Allen Brokken, principal systems security analyst at the University of Missouri. Brokken eventually built his own system, which involved a lot of integration work. "All our NAC equipment has different purposes. We co-opted DHCP servers, firewalls and IPSs and spent a good chunk of three years putting it all together." Although he's happy with the system now, Brokken says he is still looking at commercial NAC products to improve features such as quarantine and remediation.

There definitely are lessons to be learned for those in the planning stages of NAC, or even in the pre-planning phase. As with many technologies before it, standards and interoperability are likely to cause some heartburn, and NAC will probably take a considerable bite out of your overall security budget.