Analyst predicts slow uptake of NAC in 2011

Forrester foresees low interest in network access control as a standalone technology

In a report released this week called 'Network Access Control Predictions: 2011And Beyond', analyst firm Forrester predicts that network access control (NAC) technology will continue to see slow adoption in 2011, despite the fact that the firm sees significant value in the technology.

An NAC system defines requirements that must be met before a computer is allowed to access a network. These often include up-to-date security software and patches, with the goal of preventing insecure machines infecting the network with whatever malware they may be infected with.

One problem for the technology, according to Forrester, is that many organisations struggle to develop a compelling business case.

The report predicts that NAC will not flourish until it is integrated with other security offerings, giving the example of Cisco and Juniper, companies it says are keen on making NAC one feature in the infrastructure security stack.

Forrester believes that NAC will shift to what it calls a 'layered access control model', where control will move beyond the network edge to apply to applications and mobile devices.

In this way, access control can be device agnostic, and the layered access model will provide enforcement however the user connects.

The report adds that a mixture of hardware- and software-based NAC deployments will prove popular, and that regulatory compliance will be a key driver.

The consumerisation of IT, and users being allowed to access the corporate network on personal devices, will increase the complexity of compliance requirements, leading to increased take-up of NAC technology.

It predicts that organisations will require rogue device detection, network-connected endpoint discovery, automated remediation, and virtual endpoint scanning.