The next step is in understanding what your existing security portfolio is and where the endpoint solution will fit in with what you have. Depending on when you purchased your firewalls, intrusion prevention appliances, and authentication servers, you may not want to swap any of this gear out or to buy an endpoint product that duplicates what you already have.
Some of the products (such as Vernier) come with their own intrusion detection and prevention systems or virtual private network gateways that are part and parcel to the endpoint security solution, while others (such as Lockdown Networks) work with existing IPS, IDS and VPN products. While this is great news if you are in the market for any of these products, realize that your endpoint security will only cover machines that remote users are running and not scan any local network users' machines. To cover both local and remote users, you will need to implement something along the lines of 802.1x authentication.
Cisco's NAC assumes that all of your Cisco products are running at the most recent versions: if not, then consider going elsewhere unless you want to spend the money to upgrade everything. If you have a significant investment in network switches and routers from non-Cisco vendors, then products that support the other two architectures will make more sense.
Recommendations:
3) What on your network are you really protecting?
Discover the benefits of scalable backbone and network services for application and cloud providers.
Network automation is gaining momentum. Here's how you can drive this powerful technology to its full potential.
Subsea cable alternatives can provide a level of comfort for those concerned about disruptions. Realistically, they will continue to play a small, but critical role in the short term.
