Vendors Getting the NAC At Interop

As the 2006 Interop trade show gets under way in Las Vegas, a dizzying number of networking and security vendors will be rolling out new products and services all week.

On the security side, one of the week's technologies to watch is network access control (NAC). As the usage of corporate networks expands and begins to incorporate new elements such as wireless devices and mobile users, the need to police network gateways is becoming especially crucial.

"Companies are really concerned about mobile users and about adding additional people to their networks; they need to control the network endpoints more than ever," says Kathy Johnson, director of sales for Johnson Consulting, a reseller of security and messaging products in Boston. "We've begun seeing demand for NAC products, and with the expansion of the network boundaries, this is where we need our focus to be."

With the increased number of mobile or remote workers and overlapping wireless and wired networks, companies are finding that positively verifying who is trying to access their data has become a tricky business. "The number of system types is really starting to grow, so you need the ability to look at all of them and offer a lot of flexibility in the access control solutions," says Roger Stegman, product manager for security vendor Enterasys.

No doubt, the NAC market is a busy one;because the access control problem is so broad, numerous vendors--notably Microsoft and Cisco--have been trying to play the first-to-market game, getting their products out quickly in hopes they can become the de facto standard (read "Fight For Control").

For example,Microsoft has been signing up partners for Network Access Protection (NAP), its own network access alternative that should become fully realized whenever the Longhorn/Vista operating system finally ships. In recent weeks, vendors such as Trapeze Networks and Lockdown Networks have announced support for the NAP program.

Lockdown CEO Brett Helsel says that a software-focused targeting of NAC issues, such as the one Microsoft advocates, will eventually replace the appliance-based approach. "Everything we do is moving toward software," he says. "We'll keep delivering appliances, but I wouldn't be surprised to see everything get built into the network switching infrastructure."

To that end, last week Lockdown announced version 4.2 of its turnkey NAC solution, Lockdown EnforcerT. The solution integrates with Enterasys Networks' Dragon Security Suite and with external security systems, such as IPS devices and patch management systems. It also includes advanced guest registration and support for additional control points and for Mac OSX.

Back to the show--Among the other NAC software solutions that will be showcased at Interop are the Websense Web Security Suite and Web Security Suite-Lockdown Edition, version 6.2; Enterasys Networks' Dragon Network Defense; Identity Engines Ignition 3.0; Highwall Technologies' Highwall EndPoint software; Vernier Networks' next-generation NAC solution; and Wiresoft's Sentry Security Platform (SSP). Also, the Trusted Computing Group will release three new specifications for its TNC architecture for integrity-based network access control.

Until the eventual migration to primarily software-based NAC solutions takes hold, NAC appliances still will be very much in demand. Here's a sampling of the devices that vendors will be demonstrating this week in Las Vegas. (Pricing was unavailable except where indicated.)

NEXT: From Trend Micro and Enterasys