End user organisations are showing little interest in expanding their deployment of network access control in 2011, even though vendors are promoting the technology.
According to a new report from Forrester, only 10 percent of organisations plan to implement the technology in the coming year. The research company said that security professionals were struggling to deliver business cases to justify the use of the technology
Those companies that are going down the NAC path are overwhelmingly opting for client-side technology. According to Forrester 27 percent of respondents report adoption of a client-side NAC technology.
Report author, Usman Sindhu, claimed there were several reasons for this. "Client-side NAC technology is software-based, so IT and security professionals can more easily integrate and manageit," he wrote, adding that during the past 18 months, many security vendors have bundled NAC technology into their client security suite products, thus accelerating its adoption. We're seeing vendors like McAfee and Symantec using NAC as a feature in a suite or a bundled client security offering,"
Conversely, server-side NAC is less popular, only 17 percent of the respondents in the Forrester survey are interested in going down this route. These products include NAC technology integrated into routing and switching infrastructure or operating as separate NAC appliances. Security professionals struggle to make a business case for these devices because of the capital cost involved.
Sindhu makes four predictions for 2011. Firstly greater interest in NAC integrated into broader security offerings will flourish. He said that this had gone beyond security vendors themselves." For instance, Cisco and Juniper are keen on making NAC one feature in the infrastructure security stack. This trend is here to stay and will push other players to abandon the standalone NAC approach"
The second of Sindhu's predictions is that network access control will shift to the layered access control model. "Access control will encompass not only the network but also applications and mobile devices. The term "NAC" will not go away, but it will refer to network, application, and device access control. NAC solution vendors will work with partners to provide a layered access control where the focus is the user, not the device."
Sindhu's third prediction is that hybrid deployment modes will continue to be popular. "Security organisations don't have a clear preference for hardware-based versus software-based NAC deployments," he wrote, preferring to use a combination of deployments. He said that this trend would continue into 2011.
Finally, Sindhu said that in 2011, compliance-driven features will dominate the market. He said that companies would expand their compliance needs by taking on board employee-owned devices such as smartphones and tablets.