Table of Contents
- Summary
- Market Categories, Deployment Types, and Use Cases
- Key Criteria Comparison
- GigaOm Radar
- Vendor Insights
- Analyst’s Take
- Methodology
- About Andrew Green
- About GigaOm
- Copyright
1. Summary
Network access control (NAC) solutions sit at the intersection of visibility and security. This places NAC vendors in a unique position to enhance an enterprise’s wider security ecosystem with deep visibility and insights into all devices that are connected to an enterprise network.
There are some architectural considerations to keep in mind when evaluating NAC solutions. A NAC product can contain the following components:
- Agents: These are pieces of software installed on devices that assess the device’s compliance against a set of policies. Running on the device, agents can also enforce policies, which can take the form of ensuring antivirus software is running or preventing external drives from connecting to the device.
- Agentless: Modern NAC solutions can collect information about devices without requiring any agent to be running on the device. This is a great time and cost saving addition that is suitable for more relaxed policies or when dealing with large numbers of low-cost devices as in internet of things (IoT) devices.
- Central policy engine: This is the brains of the NAC solution, where administrators define and enforce policies, and can view reports of the overall security posture, analyze anomalous behavior and organize bring your own device (BYOD) or guest access.
- Network access device: These are the entry points to the network, where devices connect directly. Some solutions take a distributed approach in which the access devices, rather than the central policy engine, do the policy enforcing.
In addition to these components, a large number of vendors offer capabilities via add-ons, which can include functions such as reporting capabilities, device onboarding, guest access management, and analytics.
Historically, NAC deployments have been based on hardware appliances, with virtualized options having been available throughout the 2010s. Today, a large number of vendors have developed cloud-based solutions, for which the central policy engine is hosted in a cloud environment and enforces access and security policies across any network topology. However, hosting a NAC solution fully on the cloud may restrict some products’ ability to gain Layer 2 visibility into the network.
This GigaOm Radar report highlights key NAC vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report, “Key Criteria for Evaluating Network Access Control Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.
How to Read this Report
This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:
Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.
GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.
Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.