VAR's Voice: NAC

Dan Thormodsgaard, director of solutions architecture at Fishnet Security Inc., based in Kansas City, Mo., gives a few tips for successfully getting into the NAC space.

ASSESS CUSTOMERS' INFRASTRUCTURE:
Research process and technologies for a NAC solution. Do your due diligence and look for a solution that's multivector for authentication and authorization. Above all, most NAC solutions have to fit into the enterprise. Look at manageability. Enforcing or discussing enforcing a NAC policy is a daunting task. What does it look like today? If you want to enforce it, what kind of impact does it have on the organization?

ESTABLISH CLEAR OBJECTIVES: You need to identify what your business requirements are, what you're trying to accomplish. Some areas are compliance. In order for them to comply, they have no choice. Next there are some risk-mitigation objectives, to protect data systems. Implementation on the remote access side is well-received and budgeted. Same for guest access for wired and wirelessand#8212;more so and#91;forand#93; wireless. If they can have one solution that provides that NAC access, that is the desired state.

EDUCATE YOUR CUSTOMER: We provide strategic guidance for customersand#8212;we are educating them on NAC for the most part. Often they're talking about a specific product. But there isn't one product that has an overall encompassing solution around NAC. You've got other components.

id
unit-1659132512259
type
Sponsored post

IMPLEMENT IN PHASES: In Q1 and Q2 they have a budget, but they're kind of pushing back on purchasing. It's not an absolute thing that they have to doand#8212;unless there's a clear business objective to why they're doing it. Try to talk short-term and long-term strategy.'

Next: Handling Objections Ed Glorioso, president of Network System Architects Inc., a Denver-based VAR, offers engineering and IT consulting solutions to a range of clients from SMBs to enterprises. Here, he offers a few strategies for overcoming customer concerns about NAC solutions.

BE PREPARED FOR RESISTANCE: NAC is as much a cultural change and shift as it is technical. Everyone is hurting for IT dollars. I really like and#91;NACand#93; but it has to compete with this other stuff. When and#91;customersand#93; have money, that's what they do. When they don't have money, it's on the back burner.

LISTEN TO YOUR CUSTOMER:'Everybody has a seat at the table. Nobody is feeling left out. The more they have a voice, the higher your success rate.

REASSURE YOUR CUSTOMER AND TAKE SMALL STEPS: NAC honestly is a good opening story. It's a really good sales leader. We can open up that conversation in the SMB with NAC because it doesn't cost anything to listen. If you say NAC, they say, "I've heard of that and it's great stuff." But most of them say, "No way, I can't afford it." We can get people stoked about solving problems and not turning their organizations upside down. and#91;For SMBsand#93;, the biggest inhibitor is that NAC equals money, and lots of it, and that's not necessarily true.

PACKAGE NAC WITH OTHER SECURITY MUST-HAVES: We just talk to them about how we can solve their problems. If we can bundle it into their antivirus, then we're talking. It's a different conversation entirely.

MAKE DEPLOYMENT EASY: We can walk into a client environment and have it up in a matter of hours. The agents are nonintrusive. Monday morning a person coming in can log into their desktop. Monday afternoon they are logging into their desktop and it's doing the same thing. They don't even know it's there.

BE TRANSPARENT ABOUT DEADLINES: Enterprise has a totally different, complex set of problems. Enterprise is so large that they're afraid to death to make any changes. They'll talk about it for the next 20 years. The biggest thing for enterprise is to lower the fear of this big process engagement that's going to unfold. Transparency is a word that can roll it all up into one strong point for enterpriseand#8212;collaboration and transparency.