Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Rolling Review: In-Line NAC

Download a free PDF of this article at InformationWeek Reports

If your company is like most, the specter of fast-spreading worms like CodeRed, CodeGreen and SQL Slammer scares the crap out of you ... but not enough to justify a complex, expensive forklift upgrade to your network infrastructure. Cisco's original vision of NAC called for just that—after all, the logical place to ensure that every device connecting to the network is up to spec and free of viruses is at the point of connection.

While there's a certain sense to that notion, lots of competing vendors saw opportunities to provide the same benefits without the eye-popping price tag of a stem-to-stern network upgrade. Even Cisco itself now offers a NAC appliance.

This article is the first of a series and is part of NWC's Rolling Review of In-Line NAC. Click on that link to go to the Rolling Reviews home page to read all the features and reviews now.

Today, three main camps compete as alternatives to the full-on infrastructure upgrade: host-based, in-line and out-of-band NAC, with infrastructure-based systems operating as a variation on the in-band theme. As we discuss in Tutorial: Network Access Control (NAC) , each approach has strengths and weaknesses, some having less to do with the architecture of the product and more to do with the core competencies of vendors. To sort out the best of each camp, within the coming months we'll launch Rolling Reviews of out-of-band and host-based systems. For now, we're focusing on in-band NAC.

  • 1