Re: is NAC dead?

[Jack Daniel <jackadaniel () gmail com>]

Ugh, "journalists" with agendas.  I wouldn't accept Joel's conclusions on
much of anything without running them through your own reality filters.
(Anyone else's, either, including mine.  But especially his).

NAC/NAP were (and still are) poorly defined, therefore hard to specify; they
were/are generally complicated and hard to implement.  Many (most?) are
trivial to bypass.

All that said, it can be useful for managing/cleaning a network.  If you
want to really lock down and protect a secure and clean network, it probably
won't make you happy.  If you are trying to get a handle on the typical
network mess and improve management/visibility, NAC might be pretty good if
you can justify the expense.

I would suggest taking a look at Bradford and Napera (based on
recommendations of people I trust, not personal experience).  I've been
playing with the NetClarity NACwall appliance (also sold under the BlackBox
name), I like it- but they are friends of mine so YMMV.

Jack


On Fri, Sep 3, 2010 at 8:33 AM, Albert R. Campa <abcampa () gmail com> wrote:

> Anyone still looking into NAC or actually using a NAC type solution? I am
> looking at hardware or agentless NAC, but came across this article and
> havent heard much about it.
>
>
> http://www.networkworld.com/reviews/2010/052410-network-access-control-test.html
_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com