How many security vendors does it take to implement a NAC solution?
If you think this is the opening line to a joke, I am afraid the joke is on Pitney Bowes. I was reading a Network World article today about how Pitney Bowes "cobbled together" its network access control solution from at least 3 different security solutions. This type of approach is exactly why many analysts say NAC is not ready for prime time and no one vendor has a complete solution. Frankly, it gives NAC a bad name. I am amazed that the folks at Pitney are actually willing to stand up and say they paid over 700k for this mashup. A lot of postage stamps have to get sold to put this baby in place. I guess that is why their director of engineering is trying to say that they have received a good ROI based upon improved network latency with less unknown devices on the network.
What they have thrown together is a DHCP system to handle devices coming on the network from Infoblox, a configuration management system to handle managed devices from Big Fix and a "NAC" solution from Endforce for unmanaged solutions (Endforce has a unique approach to unmanaged devices, they just don't test them, not much of a solution at all really). In order for NAC to become a real force in the market, a customer should not have to use 3 different products to address this problem. It is exactly why products such as Safe Access and others like it offer a better solution in terms of cost and complexity of deployment. I think as the NAC market matures, we will see mashup NAC solutions like this fall by the wayside.
Comments