« Senate Spikes FISA Bill Cloture Vote | Main | Ask Eraser Prompts Privacy Squabble, Second FTC Petition »

January 28, 2008

NAC: a nice idea ... err ... collection of ideas ... kind of?

Rich Mogull sums up NAC as it will come to be known in 2008: A bunch of good ideas, wrapped in amorphous and fuzzy language, that turned into a vendor money grab before there was even a "there" there.

"It's a great idea, but like all great ideas a combination of big fish and bottom feeders wanted in. 'NAC' kept getting expanded and integrated with everything from 802.1x for port-based authentication (only letting a computer get a usable IP address after a user is approved- a pretty good idea) to all sorts of real-time monitoring, quarantining, VLAN weirdness, and kitchen sinks. It's a market that Cisco and Microsoft decided they want to control, and early on they started making waves without providing much in terms of functional product. It was a way for Cisco to get their endpoint agents onto desktops and to push clients to upgrade their networking hardware, since parts of their NAC don't work if they aren't built into the switch.

"I like NAC, and if I had more than 6 computers on my network it's the kind of thing I'd look at more closely. But I'd keep myself focused on the basics- protecting my network from malicious guest and mobile systems. I'd want a mix of agent and agentless (for managed and unmanged systems) and keep focused on pre- and post- connection health checks. I wouldn't wait for the big vendors, knowing that in the long term they'll own it all anyway, even if they have to buy it. Yes, Cisco has stuff now, but I hear it's pretty complex to deploy.

"NAC, like much of network security, will eventually be built into the network fabric. At best, we'll have a separate security control plane for separation of duties. This is a hell of a long way out and not something that should affect your buying decisions today."

Uh huh. And now when you talk to vendors who were trying to stake out NAC turf early last year, you hear about how last year's silver bullet is this year's "piece of the puzzle." And it'll be next year's fifth bullet on page three of some marketing presentation.

(Link)

E-mail   0 Comments    Digg This    add to del.icio.us

Posted by mhall at 6:10 PM | Add Comment

Leave a comment











Type the characters you see in the picture above.

 




JupiterOnlineMedia

internet.comearthweb.comDevx.commediabistro.comGraphics.com

Search:

Jupitermedia Corporation has two divisions: Jupiterimages and JupiterOnlineMedia

Jupitermedia Corporate Info


Legal Notices, Licensing, Reprints, & Permissions, Privacy Policy.

Advertise | Newsletters | Tech Jobs | Shopping | E-mail Offers