Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

2/5/2014
03:22 PM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

NAC Comes Back

BYOD and advanced malware help resuscitate network access control

Network access control (NAC) was declared dead and buried a few years back, but the endpoint security policy enforcement technology is now enjoying a comeback of sorts -- thanks to the explosion of BYOD in the enterprise and disillusionment with traditional endpoint security solutions like antivirus.

A new report published today by research and marketing firm CyberEdge Group shows that 77 percent of security decision-makers and practitioners plan to deploy NAC as part of their mobile security or already do, and it's one of the top security technologies they plan to buy in the next 12 months, behind next-generation firewalls, network behavioral analysis, big data security analytics, and SIEM. About one-fifth of the 750 respondents from North America and Europe plan to purchase NAC products, and 64 percent already have them in place, according to Cyberedge's Cyberthreat Defense Report.

"I remember at RSA [Conference] five years ago, every second or third vendor was about NAC. Then there was disillusion ... and now it's risen from the dead and is a mainstream must-have," says Steve Piper, CEO of CyberEdge, which wrote the report commissioned by Palo Alto Networks, Bluecoat Systems, ForeScout Technologies, NetIQ, Tenable Network Security, Trend Micro, Cylance, General Dynamics Fidelis Cybersecurity Solutions, and Webroot.

Piper says three findings in the report demonstrate that NAC is back: NAC was the No. 1 technology cited by respondents as most effective in the defense of threats; it was the most popular technology for identifying misconfigured host security; and it was also the No. 1 technology used to identify vulnerabilities with mobile and laptop devices.

"The big reason for this [change] is the old legacy NAC solutions were just very static, and the solution was pass or fail. They required an agent built into them," Piper says. "These days, that's completely changed: Now the next-generation NAC is agentless, and any device can be evaluated. You also now have the choice of quarantining the device."

The mobile threat is the main driver for this resurgence of interest in NAC, he says.

Gartner late last year pointed out how BYOD has injected new life into NAC. "While the original driver for NAC was the need to enforce access policies for Windows PCs, the primary driver now is controlling the access of personally owned devices," said Gartner analyst Lawrence Orans in the researcher's December report on the NAC market. "NAC policies dictate which devices are granted full network access, which are blocked from the network, and which ones are granted limited network access. Partnerships with mobile device management (MDM) vendors have become an important factor in the NAC market, as NAC solutions rely on input from MDM solutions for information about the status and configuration of mobile devices."

But not everyone agrees that NAC is making a real comeback in the enterprise. Forrester Research's Rick Holland says he's not seeing much interest in NAC among his firm's enterprise clients. "I get zero inquiries from customers on deploying NAC -- it isn't on their radar. Same story when I do consulting with enterprises," says Holland, principal analyst for security and risk management at Forrester. Even so, about half of organizations have NAC deployed, according to Forrester's annual security survey, he says.

"NAC is a four-letter word for most companies. They struggled so hard to implement" the early NAC products, he says.

Where NAC shows real promise is in automatic containment of client devices that don't fit NAC policies, he says, something that ForeScout offers in its NAC product. "When something bad happens, go ahead and do containment. I like that use case, but I'm not seeing it with customers yet," he says.

[Mobile's inevitable return to the network flock. See A NAC Is a NAC, Alack Alack.]

Meanwhile, the CyberEdge report also highlighted the hack epidemic. More than 80 percent of the respondents say their organizations were compromised five times or less in the past year. But half say those compromises did not result in successful attacks on their networks. Less than 10 percent say their organizations were successfully breached 10 or more times in the past year.

Overall, more than 60 percent say they were hit by a successful attack last year, and less than 40 percent expect to get victimized again this year.

The endpoint is one of their biggest nightmares: Fifty-six percent say they are evaluating new endpoint protection solutions, 34 percent of which will do so to augment what they have in place, and 22 percent to replace their existing endpoint security products.

The full report is available here (PDF) for download.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Drew Conry-Murray
50%
50%
Drew Conry-Murray,
User Rank: Ninja
2/6/2014 | 3:18:32 PM
re: NAC Comes Back
Not really sure what's different this time around. If trying to enforce policies on a single platform (Windows) was such a hassle, is it somehow going to be less of a problem now that you're dealing with a bunch of Android variants on top of iOS and a smattering of Windows phones?
JJx
50%
50%
JJx,
User Rank: Apprentice
2/6/2014 | 2:16:11 PM
re: NAC Comes Back
NAC isn't back, y'all; it never left! :)
-jj
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-25329
PUBLISHED: 2021-03-01
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previousl...
CVE-2021-25122
PUBLISHED: 2021-03-01
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request...
CVE-2021-27225
PUBLISHED: 2021-03-01
In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users (who have coding permissions) to read and overwrite notebooks in projects that they are not authorized to access.
CVE-2021-27132
PUBLISHED: 2021-02-27
SerComm AG Combo VD625 AGSOT_2.1.0 devices allow CRLF injection (for HTTP header injection) in the download function via the Content-Disposition header.
CVE-2021-25284
PUBLISHED: 2021-02-27
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.