Reviving the Perimeter

By Cameron Sturdevant  |  Posted 2005-11-17 Print this article Print

eWEEK Labs expects the pace of development of network access control products and the effectiveness of these tools to improve in 2006.

In 2006, network software and hardware vendors will continue to build new barn doors to make sure that when the horses return, in the form of endpoint devices including laptops and PDAs, only those not compromised with viruses or vulnerable configurations are allowed to access network resources.

Re-establishing the network perimeter is a laudable goal, but work at eWEEK Labs shows that keeping compromised machines off the network requires not only technology but also significant planning and policy development.
We expect that both the pace of development of network access control products and the effectiveness of these tools will greatly improve in the coming year.

We suggest senior IT managers prioritize evaluating network access control tools. Specifically, we think next year is the time to outfit corporate testbeds with admission control devices to accelerate the use of these technologies in the enterprise. In part, the situations urgency is driven by a steady increase in the number of application and operating system vulnerabilities; increases in the sophistication of all forms of malware; and a decrease, as reported by Symantecs Internet Security Threat Report, in the time between vulnerability and the release of exploit code.

Cisco announced on Oct. 18 the second version of its NAC (Network Admission Control) initiative, which is loaded with advances, including adding LAN tools to the NAC framework—technology that integrates anti-virus, anti-spyware and other third-party configuration-checking tools. Click here to read more about Ciscos NAC initiative. Ciscos NAC framework shouldnt be confused with Ciscos complementary NAC appliances, which provide use policies to assess and remediate endpoint devices. Microsofts NAP (Network Access Protection), a platform in Windows Server "Longhorn," is expected to help ensure that Windows computers connecting to the network meet system health requirements when Longhorn ships late next year. Cisco and Microsoft are making an effort to ensure the technologies work well together. Even as Cisco and Microsoft develop these network access control offerings, others, including Vernier Networks and LANDesk Software , are providing tools that seek to provide network access control that works with and fills in gaps in the Cisco and Microsoft offerings.

It might turn out that as 2006 unfolds, IT managers find that advances in network access control will make a significant dent in the damage caused by infected machines, especially if anti-spyware and anti-virus software makers continue their trend of running a neck-and-neck horse race with malware makers.

Labs Technical Director Cameron Sturdevant can be reached at

Check out eWEEK.coms for the latest news, views and analysis on servers, switches and networking protocols for the enterprise and small businesses.
Cameron Sturdevant Cameron Sturdevant is the executive editor of Enterprise Networking Planet. Prior to ENP, Cameron was technical analyst at PCWeek Labs, starting in 1997. Cameron finished up as the eWEEK Labs Technical Director in 2012. Before his extensive labs tenure Cameron paid his IT dues working in technical support and sales engineering at a software publishing firm . Cameron also spent two years with a database development firm, integrating applications with mainframe legacy programs. Cameron's areas of expertise include virtual and physical IT infrastructure, cloud computing, enterprise networking and mobility. In addition to reviews, Cameron has covered monolithic enterprise management systems throughout their lifecycles, providing the eWEEK reader with all-important history and context. Cameron takes special care in cultivating his IT manager contacts, to ensure that his analysis is grounded in real-world concern. Follow Cameron on Twitter at csturdevant, or reach him by email at

Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel