Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

2/5/2014
03:22 PM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

NAC Comes Back

BYOD and advanced malware help resuscitate network access control

Network access control (NAC) was declared dead and buried a few years back, but the endpoint security policy enforcement technology is now enjoying a comeback of sorts -- thanks to the explosion of BYOD in the enterprise and disillusionment with traditional endpoint security solutions like antivirus.

A new report published today by research and marketing firm CyberEdge Group shows that 77 percent of security decision-makers and practitioners plan to deploy NAC as part of their mobile security or already do, and it's one of the top security technologies they plan to buy in the next 12 months, behind next-generation firewalls, network behavioral analysis, big data security analytics, and SIEM. About one-fifth of the 750 respondents from North America and Europe plan to purchase NAC products, and 64 percent already have them in place, according to Cyberedge's Cyberthreat Defense Report.

"I remember at RSA [Conference] five years ago, every second or third vendor was about NAC. Then there was disillusion ... and now it's risen from the dead and is a mainstream must-have," says Steve Piper, CEO of CyberEdge, which wrote the report commissioned by Palo Alto Networks, Bluecoat Systems, ForeScout Technologies, NetIQ, Tenable Network Security, Trend Micro, Cylance, General Dynamics Fidelis Cybersecurity Solutions, and Webroot.

Piper says three findings in the report demonstrate that NAC is back: NAC was the No. 1 technology cited by respondents as most effective in the defense of threats; it was the most popular technology for identifying misconfigured host security; and it was also the No. 1 technology used to identify vulnerabilities with mobile and laptop devices.

"The big reason for this [change] is the old legacy NAC solutions were just very static, and the solution was pass or fail. They required an agent built into them," Piper says. "These days, that's completely changed: Now the next-generation NAC is agentless, and any device can be evaluated. You also now have the choice of quarantining the device."

The mobile threat is the main driver for this resurgence of interest in NAC, he says.

Gartner late last year pointed out how BYOD has injected new life into NAC. "While the original driver for NAC was the need to enforce access policies for Windows PCs, the primary driver now is controlling the access of personally owned devices," said Gartner analyst Lawrence Orans in the researcher's December report on the NAC market. "NAC policies dictate which devices are granted full network access, which are blocked from the network, and which ones are granted limited network access. Partnerships with mobile device management (MDM) vendors have become an important factor in the NAC market, as NAC solutions rely on input from MDM solutions for information about the status and configuration of mobile devices."

But not everyone agrees that NAC is making a real comeback in the enterprise. Forrester Research's Rick Holland says he's not seeing much interest in NAC among his firm's enterprise clients. "I get zero inquiries from customers on deploying NAC -- it isn't on their radar. Same story when I do consulting with enterprises," says Holland, principal analyst for security and risk management at Forrester. Even so, about half of organizations have NAC deployed, according to Forrester's annual security survey, he says.

"NAC is a four-letter word for most companies. They struggled so hard to implement" the early NAC products, he says.

Where NAC shows real promise is in automatic containment of client devices that don't fit NAC policies, he says, something that ForeScout offers in its NAC product. "When something bad happens, go ahead and do containment. I like that use case, but I'm not seeing it with customers yet," he says.

[Mobile's inevitable return to the network flock. See A NAC Is a NAC, Alack Alack.]

Meanwhile, the CyberEdge report also highlighted the hack epidemic. More than 80 percent of the respondents say their organizations were compromised five times or less in the past year. But half say those compromises did not result in successful attacks on their networks. Less than 10 percent say their organizations were successfully breached 10 or more times in the past year.

Overall, more than 60 percent say they were hit by a successful attack last year, and less than 40 percent expect to get victimized again this year.

The endpoint is one of their biggest nightmares: Fifty-six percent say they are evaluating new endpoint protection solutions, 34 percent of which will do so to augment what they have in place, and 22 percent to replace their existing endpoint security products.

The full report is available here (PDF) for download.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
2/6/2014 | 3:18:32 PM
re: NAC Comes Back
Not really sure what's different this time around. If trying to enforce policies on a single platform (Windows) was such a hassle, is it somehow going to be less of a problem now that you're dealing with a bunch of Android variants on top of iOS and a smattering of Windows phones?
JJx
50%
50%
JJx,
User Rank: Apprentice
2/6/2014 | 2:16:11 PM
re: NAC Comes Back
NAC isn't back, y'all; it never left! :)
-jj
COVID-19: Latest Security News & Commentary
Dark Reading Staff 6/4/2020
Abandoned Apps May Pose Security Risk to Mobile Devices
Robert Lemos, Contributing Writer,  5/29/2020
Cybersecurity Spending Hits 'Temporary Pause' Amid Pandemic
Kelly Jackson Higgins, Executive Editor at Dark Reading,  6/2/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: What? IT said I needed virus protection!
Current Issue
How Cybersecurity Incident Response Programs Work (and Why Some Don't)
This Tech Digest takes a look at the vital role cybersecurity incident response (IR) plays in managing cyber-risk within organizations. Download the Tech Digest today to find out how well-planned IR programs can detect intrusions, contain breaches, and help an organization restore normal operations.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-13817
PUBLISHED: 2020-06-04
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attac...
CVE-2020-13818
PUBLISHED: 2020-06-04
In Zoho ManageEngine OpManager before 125144, when <cachestart> is used, directory traversal validation can be bypassed.
CVE-2020-6640
PUBLISHED: 2020-06-04
An improper neutralization of input vulnerability in the Admin Profile of FortiAnalyzer may allow a remote authenticated attacker to perform a stored cross site scripting attack (XSS) via the Description Area.
CVE-2020-9292
PUBLISHED: 2020-06-04
An unquoted service path vulnerability in the FortiSIEM Windows Agent component may allow an attacker to gain elevated privileges via the AoWinAgt executable service path.
CVE-2019-16150
PUBLISHED: 2020-06-04
Use of a hard-coded cryptographic key to encrypt security sensitive data in local storage and configuration in FortiClient for Windows prior to 6.4.0 may allow an attacker with access to the local storage or the configuration backup file to decrypt the sensitive data via knowledge of the hard-coded ...