22 September 2009

Network Access Control Appliances

SearchNetworking.com on TechTarget recently asked the question "NAC Appliance Vendors: Can You Depend on Them?", NAC being network access control. NAC means that you don't let anybody onto your network unless you know who they are, what they're doing, where they come from, and whether they're safe. A damn good idea, and seemingly obvious, but it took the industry years to come to agreement that this was a necessary idea. And NAC is, at its core, a very simple idea (though of course the implementations may not be).

So look, the answer here is simple, too. NAC as a capability will someday be found on every single network, even the Internet. It's just too important not to determine if the people accessing your network are infected or unauthorized.  So NAC is here to stay, and every network will have it.

NAC vendors are another question. John Pescatore is spot on when he says "When you look at NAC, it's like any other market. If there's 17 vendors, that's too many, and if there's zero that's too few". John's analysis is how the market will look over the next 3-4 years. (Although I might extend John's analysis even further out: eventually, buying NAC will be like buying TCP/IP.)

See how simple that is?