There are now a number of free and open source network access control (NAC) products available. How do they typically...
differ from what would be offered in a commercial product? Should companies use them to get a sense of whether they would benefit from buying a commercial product?
There's nothing wrong with open source products. However, I'd be wary about using them as a stepping-stone product choice.
First, let's look at open source products and how they differ from their commercial counterparts. There are two major players in the open source NAC market right now: PacketFence's Zero Effort NAC (ZEN) and Swisscom's FreeNAC. Both of these products have rapidly growing feature sets and appeal to those trying to implement NAC on a shoestring budget. They offer enterprise-class features, such as integration with Active Directory, virtual machine support and reporting/monitoring. What they don't offer is the slick user interfaces and advanced support available from a commercial vendor. They do offer some limited integration with products like McAfee Inc.'s Epo, but neither product boasts the wide range of third-party vendor support available from a commercial product.
Both Zero Effort NAC and FreeNAC have professional support available, but it's not free. PacketFence will provide a quote if you wish non-standard support or product customization, while FreeNAC requires that you purchase their enterprise edition that begins at $5,000 along with Gold Support at $8-$12 per device per year.
Second, you should think carefully about whether a "stepping stone" approach is really in your best interests. Deploying NAC is a resource-intensive process that often requires a high degree of user involvement. Are you willing to go through that twice? If you feel that NAC is appropriate for your environment, you'd probably be better off carefully selecting the right product (rather than a "starter" product) and deploying it in a careful, methodical manner. If you want to float a trial balloon, I'd suggest considering a small-scale pilot with a carefully defined group of users.
- Peter Giannoulis explains how to test drive NAC products without busting the budget.
- Learn more about the network access control basics.
Dig Deeper on Network Access Control Basics
Related Q&A from Mike Chapple
Cloud compliance issues are no reason for enterprises not to move to the cloud. Expert Mike Chapple explains why, as well as what to keep in mind ...continue reading
The GAO reported on SEC cybersecurity weaknesses, even though the SEC regulates cybersecurity. Expert Mike Chapple discusses the effects of this ...continue reading
Enterprise compliance can be a burden to manage, which is where a PCI ISA can be helpful. Expert Mike Chapple explains how a PCI Internal Security ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.