Get the NAC in 2007

By Cameron Sturdevant  |  Posted 2006-12-15 Print this article Print

Analysis: The year will see greater need for tight access control.

In 2006, network access control went from being a solution in search of a problem to an implementable product category. In 2007, IT managers likely will be able to use NAC tools to tie identity to resource access without having to do a forklift upgrade to the network environment. Before I prognosticate about NAC product directions, however, it is necessary to say a few words about policy development. NAC can be used effectively only if there is a clear policy in place that governs who has access to what information, from what location and on what platform. IT managers will have to involve line-of-business managers in the process of deciding access policies. Can a salesperson on the road—and without the most current anti-virus signature file—access the CRM (customer relationship management) system? If not, when the salesperson attempts to access the CRM system, will his or her system be shunted to a remediation portal for updates before gaining access to the network? Or will the system be shut out of the network altogether?
Once the policy questions are answered, IT managers will need to make NAC buying decisions based on a clearly articulated RFP (see