Cisco Systems this week will reveal a shift in its network admission control strategy that involves recasting its NAC product as a tool appropriate for enterprise deployment.
The Monday unveiling of NAC Appliance 4.0, an update to the software portion of the appliance-based product that has been known as Cisco Clean Access (CCA), gives large organizations a way to deploy NAC without requiring a network infrastructure upgrade, said Alex Thurber, director of security and wireless for worldwide channels at Cisco.
Cisco has deployed the CCA appliance in more than 650 customer sites since launching the product last year, but the San Jose, Calif.-based vendor's long-term NAC strategy hinges on building an intelligent network infrastructure and framework policy it hopes will become a standard deployment methodology. That initiative, which Cisco is working on with Microsoft and more than 75 software partners, has yet to reach the market.
NAC Appliance 4.0, which can be deployed either in a software-only fashion or as part of an overall appliance, can scale up to 100,000 users and 150 locations, and can be deployed out of band in Layer 3 to decrease the number of servers needed for deploying NAC in large enterprise networks, Thurber said.
"While we still support smaller NAC deployments, we recognize there is a key role the appliance can play in bigger organizations," he said.
Brian Haboush, vice president of business development at Intelligent Connections, a Royal Oak, Mich.-based solution provider, says the deployment size and scalability of the appliance has never been a shortcoming. "Cisco may be repositioning the NAC appliance to help put a different marketing wrapper on it for the enterprise," Haboush said.
Although large enterprises understand the benefits of the NAC framework, the notion of upgrading network infrastructure remains a barrier, Thurber said. "Companies need a way to protect their networks right now, and that's why we made enhancements and modifications to the [CCA] appliance."
NAC, also known as network access control, protects networks from threats by scanning PCs for malware when they attempt to connect, ensuring patches and software are up to date, and quarantining infected or noncompliant machines.
NAC Appliance 4.0 gives companies a way to test NAC to understand how it impacts their networks, and Cisco has designed it to be forward-compatible with the larger framework, Thurber said. Companies that want to deploy the NAC appliance today can use the same tools when they roll out the NAC framework.
Pricing for Cisco's complete NAC solution begins at $8,995.