The network access control (NAC) market is in for tremendous change in 2008, according to The 451 Group. The analysts say it's been five years of slow growth since Cisco first coined the term "NAC". The time may finally be right for broad adoption, but that doesn't mean the future is bright for the slew of venture-funded NAC startups. For some, it's do-or-die time.

Adoption of NAC technology has been hampered in recent years by an overabundance of competing architectures, products and approaches.

"The original value proposition behind NAC has changed, and the ground beneath more than one NAC pure play is starting to give way," said Paul Roberts, Senior Analyst, Enterprise Security at The 451 Group. "2008 is do-or-die for NAC pure-play firms, as major vendors fine-tune their NAC offerings and enterprises finally commit substantive budgets to NAC deployments."

Surveys of enterprise IT professionals conducted by 451 analysts found that enterprises are finally ready to deploy NAC technology, or to expand the trial deployments they have. NAC adoption is being driven by practical concerns, such as regulatory compliance or the need to lock down guest access. At the same time, enterprises are looking for technology that gives them a solid foundation for access control that can scale enterprise-wide. Compliance and the threat of data loss (whether leakage or theft by malicious insiders) are prompting companies to look for ways to blend pre- and post-admission security assessments into larger risk management frameworks that include identity and access management, intrusion prevention, insider threat detection and data leak prevention. This will cause some enterprises to favor diversified NAC vendors over NAC pure plays, The 451 Group found.

The future for a long list of NAC startup companies may also be determined by how well they can negotiate the next 12 months. "With profitability still elusive for almost every NAC pure play, the next 12 months will see overextended NAC startups forced to find a willing suitor or fold," said Roberts. "More nimble NAC vendors may still feel the need to pivot and try to capture new markets."

About this study

The 451 Group 95-page report, 'Network Access Control: 2008 is a do-or-die year' was written by Paul Roberts together with Nick Selby, Senior Analyst and Director, Enterprise Security Practice; and Andreas Schneider, Associate Analyst. In this 451 Security Quarterly report, The 451 Group takes measure of the NAC industry by looking at its history, at how it has evolved in the past five years, and at some of the forces that will transform the market for access control products in the months to come.

Key Companies Covered: The report includes in-depth competitive assessments of the following companies (although this is not a complete list of companies covered in various sections of the report): Autonomic Networks (Vernier Networks), Check Point Software Technologies, Cisco Systems, ConSentry Networks, Extreme Networks, ForeScout Technologies, Insightix, Juniper Networks, Lockdown Networks, McAfee, Microsoft, Mirage Networks, Nevis Networks, Sophos, Sourcefire, StillSecure, Symantec and Trend Micro.

» Story on Analyst Firm Website

» Comments   Digg this    del.icio.us Tweet This