Cisco Defends NAC Territory

Despite criticisms that its network admission control architecture remains too expensive to install and is overly complex, Cisco believes its NAC technology will continue to lead the market for years to come.

Largely credited for creating the burgeoning market for network access control technologies, used primarily for protecting IT operations from external threats, Cisco now finds itself in the familiar position of defending its home turf.

Much as the San Jose, Calif.-based company has spent years warding off criticism and competition from those that wish to wrestle away Ciscos top spot in the massive networking sector, the market leader is currently engaged in heavy battle with a long list of vendors gunning to carve out their own piece of the emerging NAC security landscape.

NAC technology, offered up in both software and hardware products, is used to protect organizations by scanning machines that attempt to log onto their networks and testing the devices to ensure they have all the appropriate permissions and security protections in place required by a company to access to its IT systems.

Rivals have begun actively using the cost and complexity, as well as some perceived security loopholes of Ciscos network admission control products to begin marketing their own network-based IT defense systems.

But rather than worrying about the exaggeration and misinformation they believe those vendors espouse about their NAC technologies, Cisco executives say the interest created by those claims will only help to drive its own business.

The most common refrain among the companys NAC rivals is that in order to adopt its tools, customers must rip out their existing networking gear and replace it with all new Cisco hardware and software.

/zimages/2/28571.gifClick here to read more about Ciscos NAC effort.

The other popular cut on Cisco NAC is that it falls prey to several major security issues that could allow hackers to infiltrate the system by disguising themselves as legitimate users.

In both cases the claims are untrue, said Brendan OConnell, senior product manager for Ciscos NAC appliances business. However, if the company is to succeed in its goal of becoming the leading network security technology provider, Cisco cant worry about the noise and must instead concentrate on building new products that enhance the role of NAC even further, he said.

"These are simply the things we have to deal with along the way, a dilution of the NAC market, comparisons that only refer to pieces of the big picture of what we can do, but generally speaking were making a lot of progress as everyone learns, and things are only getting better as we go along," OConnell said.

"Weve put a lot of development effort into being able to control the network in the way administrators truly need, and were getting the best feedback because we have the most widely deployed NAC technology today; its not surprising that others are coming after us, but at the end of the day were very confident that we can lead this market for a long time."

While companies adopting Ciscos entire NAC framework must indeed move almost completely to the companys own networking hardware and software to support the system, the firms NAC appliance lineup was specifically tailored to work in multi-vendor environments. And many of the security flaws highlighted by researchers at Ciscos rivals, such as those detailed by Insightix Chief Technology Officer Ofir Arkin, have already been closed off, or never existed in Ciscos products, OConnell said.

Next Page: A war of words.