Rescue NAC from the garbage pile? Part 1
by VPNHaus | 05/27/2010 |Industry Commentary
This one isn’t marketing’s fault, although they didn’t do much to help. We’re talking about NAC and it’s dismal market performance. So what happened and should it be rescued? We’ll tackle this – piece by piece – over the next few weeks. Let’s start with the lack of standards.
The Trusted Computing Group’s Trusted Network Connect (TNC), an industry organization that crafts NAC architecture documents and standards, recently launched a certification program which allows participating vendors to get a hallmark guaranteeing that their products implement the TNC protocols correctly, and that their architecture is compatible with other certified products.
But of course, the certification program stirred some dissent among vendors, as often has in the group’s five year history. TNC’s standards have rarely debuted without -- often provocative and rancorous -- debate. Joel Snyder, of NetworkWorld, this week chronicled TNC’s controversies, as well as the stubborn issues that continue to plague NAC. NetworkWorld recently conducted head-to-head tests of 12 NAC products to boil down what’s ultimately gone wrong with NAC, which was once so hyped and is now often feared.
Despite the disputes surrounding the certification, Snyder rightly points out the necessity for having standards in place.
First, it represents the main path forward for interoperable NAC products. With enterprise networks hosting more non-Windows devices than ever before, the need to have a multi-vendor approach to NAC continues to gain in importance.
The second reason is that these architectures are designed by security and network experts who are more interested in solving problems than getting a product to market quickly. While there are always commercial interests in any modern standards development, network managers can look to TNC and IETF-based products with some confidence that the primary design goal was security.
Without standards in place, NAC will continue to be a complicated headache for customers, many of whom will ultimately reject the technology and convince themselves that naked WLAN – maybe a firewall or two thrown in for good measure – is sufficient. That is, until they’re faced with a security breach.
Is the TNC certification a path out of the garbage pile? Chime in and join the discussion.