NAC Grows Up

There are a million things to take into consideration when building out network security; making sure that even employees and welcomed guests only get in if they're prescreened is right at the top. Still, development of a common industry standard for deploying Network Access Control (NAC) has been elusive as vendors take different approaches to get the job done.

NAC has gotten a bad rap in the past by creating obstacles for end users whenever they didn't follow strict procedures. The process became so clumsy that at one time the technology was referred to as "help-desk call generators." That was certainly no way to endear itself to either a CIO or a CFO—not to mention every user that needs access.

That's changed today. Even though there's no standard way to deploy a NAC solution (some are hardware-based, some are software-based, some combine both elements), ease-of-use has taken leaps forward—as has the industry's understanding of the threat landscape.

There was a time when the impetus for hackers and other forms of cybermiscreants was for "street cred" and bragging rights. Today's threats are, in general, motivated by profit; a guarantee that inventive tactics for penetrating networks and accessing sensitive data are relentless and plentiful.

And so the CRN Test Center looked at three solutions available to VARs to provide both ease of access and security.

Methodology
CRN Test Center reviewers considered a variety of vendors and solutions before finalizing the scope and vendors for this test. Vendors approach the NAC space from a variety of angles, looking at traditional client security, offering desktop agents and comprehensive policy servers. While a majority of the vendors offer an appliance-based solution, a handful of them offer software solutions, leaving channel partners free to source their own hardware.

Reviewers placed themselves in the mindset of a solution provider looking for a comprehensive solution that would work within privacy, compliance and data-retention requirements. The customer network would consist of guests with limited access, along with roaming and on-site users. To balance the competing features, the solutions were restricted to software products. NAC vendors Sophos, Burlington, Mass.; StillSecure, Superior, Colo.; and Symantec Corp., Cupertino, Calif., participated in this review. Reviewers examined the feature set, management interface and flexibility in creating policies and profiles. Ease of deployment was also considered. As usual, reviewers also considered each company's channel program to determine which would be best.

Next: StillSecure Safe Access 5.0