NAC makes for strange bedfellows
A couple of articles today forced me into an Aha! moment on NAC. I think you can tell when a technology begins to mature when you see announcements about how the products are working with 3rd party products. On the other hand I think it also shows what the strengths and weakness of individual vendors are as well.
Two cases in point
1. Bradford announces that it plays well with Top Layer - This press release details how Top Layer IPS can alert Bradford's NAC product to devices on the edge sending out bad traffic. At that point presumably Bradford would be able to quarantine the offending device. According to the spin this results in "core to edge" protection
Well this is certainly not new. Bradford has advertised working with 3rd party IPS's for sometime. Bradford is not alone in this either. There are several NAC vendors including StillSecure that can do this. But is integrating with existing IDS/IPS a post-connect NAC solution? I don't think so. I don't think it is truly a holistic approach. All you are doing is sending out a syslog alert and based upon that quarantining a device. No context, no depth, you are piling on separate solution on top of another separate solution. While as I have said this integration is not new, we have been working for a long time to take our own IDS/IPS technology and use that as a the basis of a true post-connect NAC sensor. Integrating the products into a common UI, with common policies, rule sets and management is where the value is.
A vendor who only has a NAC product that can do pre-connect health checks (which are valuable in and of themselves) but can than only "integrate" by passing data back and forth is going to have a tough time in the maturing NAC space.
2. InfoExpress teams with Alcatel-Lucent - In this story, InfoExpress talk about how they teamed up to deliver to Iona College a secure wireless solution. Good for InfoExpress, they are often left out of the NAC market discussion, though they have been selling NAC as long as anyone. What I found surprising is what does this say about Alcatel-Lucent's OEM of ConSentry gear for NAC. Does this mean Alcatel-Lucent is no longer selling the Consentry NAC solution? What is going on with ConSentry anyway?
One thing for sure is that NAC makes for strange bedfellows.