RSS Alerts

Share

More services

Top 5 Stories

News

Market for standalone NAC products expected to vanish in five years, says Forrester

06 July 2011

The market for standalone network access control (NAC) products is expected to “disappear” in the next five years in favor of functionality embedded in diverse security products, according to a recent report by Forrester analyst John Kindervag.

Kindervag judged that the standalone NAC market is in the “survival stage.” Only 10% of security decision makers plan to implement the technology in the next 12 months, according to Forrester data.

The NAC market includes products that provide the ability to authenticate devices as they enter the network, monitor those devices, and remediate devices that are not in compliance with security requirements.

The Forrester analyst provides two main reasons why he believes the market for standalone NAC products will disappear. First, NAC products are complex to deploy, scale, and manage. Second, they are not able to stop a malicious insider who wants to commit a security breach. “At the end of the day, NAC protects you from honest people who are out of compliance.”

Instead, Kindervag expects vendors to embed NAC functionality into security software suites or infrastructure security stacks. Mobility is pushing the security focus away from the network perimeter and toward the mobile devices themselves.

“As mobility deperimeterizes the network and compliance mandates and data theft issues drive enterprises toward data-centric security models, NAC functionality must enforce data access at a more granular level throughout the extended network”, the analyst wrote.

Scott Gordon, vice president of worldwide marketing at ForeScout – which was named one of the top NAC vendors by Kindervag –shares a different opinion than the analyst's prediction about the future of the standalone NAC market.

The presumption that organizations can refresh their entire infrastructure in order to get some degree of NAC that might be embedded either in the system or in the network is questionable in the five-year timeframe, Gordon told Infosecurity.

At the same time, the market is progressing and ForeScout has evolved its product to automate endpoint compliance, mobile security, and management and enforcement of policies for non-managed personal and guest devices, Gordon said.

To assume that every device is manageable and that policies can be uniformly administered by one network infrastructure or endpoint security vendor is not realistic, Gordon said. Given how market requirements are expanding, he questioned the near-term demise prediction. “So I don’t think we are in agreement with such a black and white conclusion”, he added.

Gordon said his company, which is a standalone NAC player, is growing strong, reporting a 44% year-over-year bookings growth for 2010.

Other analysts contradict Kindervag’s prediction.

Infonetics Research, for example, predicts that the NAC market will reach 84% growth by 2014. Large-scale threats, compliance mandates, and the consumerization of IT are fueling demand for NAC products, said Infonetics analyst Jeff Wilson.

The year “2010 was a solid rebound year for NAC enforcement appliances. The market saw double-digit annual growth, and by 2013, we expect revenue to surpass the market’s peak in 2008”, Wilson said.

Neil MacDonald of Gartner shares a similar view of the NAC market. “I’ve seen a shift in focus in each of these technologies from ’blocking’ to ’monitoring’ to provide visibility and intelligence as to what is actually taking place on our IT infrastructure”, MacDonald said.

In a March NAC competitive landscape report by Gartner, the research firm estimated that the NAC adoption rate in the broader market is approximately 30%. Gartner expects this segment (standalone NAC) to record a 30% compound annual growth rate from 2009 through 2014 – higher growth than that of network infrastructure and endpoint NAC vendors.

This article is featured in:
Identity and Access Management  • Internet and Network Security • Wireless and Mobile Security

 

Comments

jobeard says:

06 July 2011
First poor assumption by Forrester is the existence of a silver bullet / single solution. Issues are far too complex today for that naive approach.

Secondly, without a silver bullet, multiple layers WILL exist and the more one can bar the entry points, lessens other layers to perform indepth controls per usage patterns.

The 'trusted employ problem' is the nightmare and total monitoring of all access is the sole solution at the moment and that issue will never be solved at the gateway or end-use device.

Note: The majority of comments posted are created by members of the public. The views expressed are theirs and unless specifically stated are not those Elsevier Ltd. We are not responsible for any content posted by members of the public or content of any third party sites that are accessible through this site. Any links to third party websites from this website do not amount to any endorsement of that site by the Elsevier Ltd and any use of that site by you is at your own risk. For further information, please refer to our Terms & Conditions.

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012