As well as diversity in the devices and services it has to cover, NAC is torpedoed by the variety of user needs, said Prince: “It means different things to different verticals.” While a University will only care about pre-admission controls, and let users do more or less what they want once on the system, a bank will need to know everything that happens on the network.
And the idea of a separate NAC function came in for criticism: “I struggle with the idea of standalone NAC,” said Gold. “it needs to be part of the network.” Eldridge agreed: “You will never see a NAC box: it’s got to be integrated.”
Despite this, there’s a place in smaller businesses for appliances which combine several security functions, the vendors (both makers of security appliances) agreed.
Even with this gloom, the companies agreed that there is progress in security management. Systems are being made simpler, said Prince, and machine-to-machine communications are allowing systems to work more powerfully, said Eldridge.
For this sort of security-in-depth, networked devices must work together, and that needs standards, the vendors agreed: “We’ve started to develop the protocol,” said Eldridge.
One fundamental issue is identity management, and panelists criticised Cisco for not joining the ID management group quickly, making it harder to define a standard – although Guldentopps said there are good standards there, such as the LDAP directory access protocol.
Whether the full NAC vision is practical, security systems will have to get better at trapping insecure behaviour. “It’s the only way to catch zero day threats,” said Gold. “Signature files won’t do it, you need to use behaviour .”
And even without absolute security, the products on the market can be customised into a more closed configuration, said Guldentopps.
But it won’t happen if users are waiting for a panacea: “Let’s kill the term NAC,” said Moy. “It has been confusing since day one. It never was a coherent idea. Let’s Start talking about security management.
“Yet people are out there saying 2009 will be the year of NAC,” said Guldentopps.” Analysts say the darnedest things.”
Page: 1 2
Most people in the United States view TikTok as a Chinese influence tool a poll…
UK regulator confirms it is investigating whether OnlyFans is doing enough to prevent children accessing…
Dismissed staff file complaint with a US labor board, and allege Google unlawfully terminated their…
Elon Musk dismisses two senior Tesla executives, plus the entire division that runs Tesla's Supercharger…
Eight newspaper publishers in the US allege Microsoft and OpenAI used their millions of their…
US judge sentences Binance founder, Changpeng Zhao, to four months in prison for ignoring money…