There are now a number of free and open source network access control (NAC) products available. How do they typically...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
differ from what would be offered in a commercial product? Should companies use them to get a sense of whether they would benefit from buying a commercial product?
There's nothing wrong with open source products. However, I'd be wary about using them as a stepping-stone product choice.
First, let's look at open source products and how they differ from their commercial counterparts. There are two major players in the open source NAC market right now: PacketFence's Zero Effort NAC (ZEN) and Swisscom's FreeNAC. Both of these products have rapidly growing feature sets and appeal to those trying to implement NAC on a shoestring budget. They offer enterprise-class features, such as integration with Active Directory, virtual machine support and reporting/monitoring. What they don't offer is the slick user interfaces and advanced support available from a commercial vendor. They do offer some limited integration with products like McAfee Inc.'s Epo, but neither product boasts the wide range of third-party vendor support available from a commercial product.
Both Zero Effort NAC and FreeNAC have professional support available, but it's not free. PacketFence will provide a quote if you wish non-standard support or product customization, while FreeNAC requires that you purchase their enterprise edition that begins at $5,000 along with Gold Support at $8-$12 per device per year.
Second, you should think carefully about whether a "stepping stone" approach is really in your best interests. Deploying NAC is a resource-intensive process that often requires a high degree of user involvement. Are you willing to go through that twice? If you feel that NAC is appropriate for your environment, you'd probably be better off carefully selecting the right product (rather than a "starter" product) and deploying it in a careful, methodical manner. If you want to float a trial balloon, I'd suggest considering a small-scale pilot with a carefully defined group of users.
- Peter Giannoulis explains how to test drive NAC products without busting the budget.
- Learn more about the network access control basics.
Related Q&A from Mike Chapple
Web application firewalls may be a way to better security, but organizations need to be aware of the compliance implications of WAFs.continue reading
An SEC report shows over three-quarters of financial institutions were subject to at least one cybersecurity attack. Expert Mike Chapple looks at ...continue reading
The Data Accountability and Trust Act is likely to become a law this year. Expert Mike Chapple advises organizations on how to prepare.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.