Demand for NAC products is expected to be fuelled by the bring your own device (BYOD) trend, reduced system complexity and increased ease of deployment, improved effectiveness of NAC products, and the ability to provide access policies for a range of end users, explained Chris Rodriguez, an industry analyst with Frost and Sullivan.
The top four NAC vendors – Cisco, ForeScout, Juniper, and Bradford – control 71% of the market share, according to Frost and Sullivan's 'Analysis of the Network Access Control Market'.
“We see NAC as one of the few products fully capable of dynamically addressing the changing enterprise network and well as regulatory compliance”, Rodriquez told Infosecurity. NAC market growth increased significantly in 2011 to $163.3 million from $144.3 million in 2010, he added.
NAC products provide companies with an inventory of devices on the network and the ability to enforce access and security policies, Rodriguez noted. They also enable companies to segment the network so that a portion can be used for guest registration; this saves companies money because they do not have to invest in dedicated T-1 lines for guests, he said.
The NAC products should be capable of integrating with network scanners, endpoint software, identity and authentication systems, wireless access points, switches, routers, firewalls, and virtual private networks, he noted.
NAC market leader Cisco brought together its identity services together under a unified NAC platform, explained Matt Schmitz, Cisco product manager. Cisco now offers a “policy brain”, which is the Cisco Identity Services Engine (ISE), and the “enforcement brawn”, which is the infrastructure that is in place, Schmitz told Infosecurity.
To tackle the problems presented by BYOD, Cisco recently launched a product based on its Border Networks architecture, which enables organizations to deploy a comprehensive NAC approach that provides a unified access policy across various wired and wireless platforms, supports a better user experience, and simplifies network management.
ForeScout’s main NAC product is CounterAct, which provides an automated security control platform. One of ForeScout’s customers, Charles River, decided to deploy CounterAct because the drug research company was having trouble with its existing infrastructure-based NAC product. Charles River was experiencing networks outages because of conflicts between its existing NAC software and new applications deployed to endpoint systems, as well as having NAC silos at different locations.
“Our previous implementations were each designed for a single site”, explained Keith Rodwell, Charles River’s principal infrastructure and security architect. “As Charles River moved to centralized IT services, we tried to integrate our NAC implementations to create a single unified enterprise policy. This proved beyond our ability to do. In contrast, ForeScout CounterACT easily supports a unified NAC policy for all of our sites, including sites that utilize other brands of switches. Now we have unified enterprise network access control system for all of our sites”, he added.
To learn more about the NAC market, check out Infosecurity’s webinar 'You Don’t Know NAC: Applications, Innovations and User Insights from Evaluation to Deployment' being held April 4 at 15:00 GMT. To register, click here.