News Stay informed about the latest enterprise technology news and product updates.

Forrester: NAC ready for wider deployments

With vendor consolidation subsiding, NAC technologies are maturing and ready for full scale deployments.

Despite slower than expected adoption, network access control (NAC) technologies have matured enough to be ready for more wide scale deployments, according to a new report issued by Cambridge, Mass.-based Forrester Research Inc.

Enterprises need a heterogeneous mix of technologies to cover an ever-widening set of scenarios.
Robert Whiteley,
principal analyst and research directorForrester Research Inc.

The dust is finally settling, according to Forrester. Cisco, Symantec, Sophos and Novell all made acquisitions of smaller vendors. Smaller vendors also showed signs of struggling with sluggish sales. Vernier Networks changed its name and approach as Autonomic Networks. Lockdown Networks shuttered its website and ceased operations in March prompting some experts to ask whether Lockdown customers would be left in the lurch.

Forrester recommends that companies should budget for a complex, hybrid deployment that addresses the growing use of mobile devices, supports access to a wider range of users, including customers, suppliers, and partners, and provides effective controls for regulations. The report, "Overcoming the Common Pitfalls of NAC," lays out ways companies can successfully plan for an implementation without running into the high costs, policy management issues and lack of ROI, associated with early deployments.

NAC news and information:
As hype subsides, NAC moves ahead: IT pros still have an interest in NAC technology. But as Neil Roiter explains, the cost and complexity of NAC means the road to adoption will not be quick.

NAC switches, appliances help track users, malware: Some vendors are offering switches and appliances to monitor traffic for malware and unauthorized access, as the NAC market including Cisco NAC and Microsoft NAP sorts itself out.

Vernier Networks quietly changes name, approach: One analyst says Vernier Networks' decision to re-launch as Autonomic Networks could be in response to slower-than-expected growth in the NAC sector.

Will Lockdown customers be left in the lurch?: Analysts aren't surprised Lockdown Networks closed, given the shaky state of the NAC market. The question now is what Lockdown customers will do for product support.
"Enterprises need a heterogeneous mix of technologies to cover an ever-widening set of scenarios," said the report's author, Robert Whiteley, a principal analyst and research director at Forrester Research.

Whiteley said companies beginning a pilot would need a mixture of hardware and software to control guest and employee access. Software-based NAC solutions ultimately won't be fully integrated until 2009. And NAC appliances are only suitable to solve guest-user access, Whiteley said. Companies wanting to control employee access would likely exceed the appliance's traffic throughput, he said.

Changes to NAC technologies in the market have added to the complexities and confusion of early adopters, Whiteley said. Despite sluggish growth, NAC is being successfully adopted. A recent Forrester survey found that 37% of respondents had already adopted NAC and an additional 18% said they plan to do so in the coming year.

Other surveys support Forrester's findings. Information Security magazine's Priorities 2008 survey, published January, showed that 31% of the respondents have already deployed NAC, 16% will deploy this year and another 34% will evaluate NAC technologies.

Whiteley said larger companies with more than 20,000 employees have been the early adopters and are now deploying NAC technologies more widely throughout the organization.

"These larger organizations feel the full brunt of multiple user constituencies, especially contractors and outsourcers, requiring access to the corporate network, and strict compliance requirements that demand greater visibility, reporting, and segmentation," Whiteley said in the report.

To get started, IT pros should develop a business case based on securing both guest and employee access, Whiteley said. He warns that companies need to steer clear of some common mistakes associated with NAC deployments that often result in failures.

Forrester said companies should:

  • Build a business case based on guest and employee access.
  • Identify and prioritize all the relevant scenarios, which requires collaborating with security colleagues.
  • Kick off a three-stage deployment process with escalating enforcement actions
  • Avoid common implementation mistakes like choosing products that lack rich identity capabilities.

    Sometimes companies miscalculate the current state of their systems. Outdated hardware could cause a NAC deployment to fail, according to Whiteley. Companies also often fail to choose NAC technologies that integrate easily with an identity and access management tool, making employee access control an issue.

    Too many enforcement options and NAC technologies that fail to dynamically create a list of remediation options for specific end user problems could also mangle a NAC deployment and result in increased help desk calls.

  • Dig Deeper on Network Access Control technologies

    Start the conversation

    Send me notifications when other members comment.

    Please create a username to comment.