Network access control vendors: Attraction vs. retention

By Andrew R. Hickey, News Editor 30 Aug 2007 | SearchNetworking.com

News on networking, mobility and voice Digg This!     StumbleUpon     Del.icio.us

Andrew Braunberg, Current Analysis' research director, said his firm's annual NAC study found that a strong marketing budget and message put certain vendors at top of mind among companies considering and planning NAC deployments.

Not surprisingly, Cisco's Network Admission Control appliance and framework hold the top two spots respectively as the most attractive network access control solutions to potential customers who have not yet deployed NAC.

According to Current Analysis' study, 45% of respondents said they would consider putting Cisco's NAC appliance in their networks, while 41% said Cisco's NAC framework is also an attractive option. Cisco was closely followed by Microsoft's Network Access Protection, which 21% of respondents said they'd consider for their network access control deployment.

Check Point, Juniper Networks, Sygate/Symantec, 3Com/Tipping Point, Trend Micro, McAfee/Foundstone, HP ProCurve, IBM Tivoli, Nortel, CA and Bradford Networks rounded out the list of vendors that potential NAC users would consider or found attractive, ranging from 5% to 15% of respondents.

The survey took data from roughly 300 highly qualified respondents who are actively involved in NAC implementation or planning within their organizations.

Braunberg said Cisco led the pack of attractive vendors because the networking powerhouse has been hammering home its NAC message for almost three years, making the name Cisco nearly synonymous with network access control in the minds of IT professionals.

"Cisco's been banging this drum about NAC harder and longer than anyone else," he said. "They've been actively pushing it. No one has the mindshare that Cisco has. Cisco no doubt is attracting large numbers to try their products. You can see clearly that Cisco has been very effective at driving NAC awareness. Nobody comes close."

But while Cisco dominates in vendor attraction, the company falls near the middle when it comes to retention.

"The retention scores and the attraction scores are much different," Braunberg said.

Retention scores are the percentage of respondents who are NAC customers of a certain vendor and would consider that same vendor for future NAC investments.

CA topped the list of vendor retention scores with 81%, followed by Juniper Networks at 80%, Bradford Networks at 78%, Check Point at 71%, and Nortel at 71%. Rounding out the category were HP ProCurve, Cisco CNAC, Cisco NAC appliance, Microsoft, McAfee/Foundstone, Sygate Symantec, 3Com/TippingPoint, IBM Tivoli and Trend Micro.

For more on NAC Find out the questions to ask in your NAC RFP Check out a tip on using NAC to tighten VPNs Learn how NAC appliances are a good shortcut

Braunberg is quick to point out that retention does not imply market share but does indicate that current users of those vendors' solutions are pleased with them and would continue using them going forward.

"It's a huge mix because NAC touches so many points in the infrastructure," he said. "There are a number of different players that make NAC solutions."

Braunberg said some of the vendors with high retention scores -- CA, IBM Tivoli and HP ProCurve, for example -- were surprising because those vendors don't push NAC solutions per se but may add some NAC components to their larger suites of products -- system, security, threat and identity management. At the same time, users vary in their perceptions of NAC. Some look at pure network access control; others consider host discovery, scanning and other security components as contributing to NAC.

"Professional services groups are delivering enough NAC functionality to make companies comfortable," Braunberg said. "Because the market continues to evolve, the big vendors have the mindshare but not always the market share. I wouldn't dismiss anyone from these results. It's a huge market from a vendor point of view. It's hard to differentiate yourself in a lot of ways. If you can find a good niche, you can certainly have success."

One surprising vendor earning a high retention score is Bradford Networks, he said, which last year's Current Analysis NAC study didn't even track. Bradford found its niche in education deployments and continued to gain momentum.

"This year's NAC study demonstrates again that no vendor can match Cisco in its ability to attract attention to its NAC solutions, and this is true for both its NAC appliance and the broader CNAC framework," Braunberg said. "What is interesting, however, is that many vendors are clearly meeting market demands and satisfying customer needs for NAC functionality, and this includes several of the smaller pure-play vendors."

Tags: Network Access Control,  Network Security Best Practices and Products,  VIEW ALL TAGS

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Network Access Control Joel Snyder discusses Network Access Control Day at Interop Las Vegas Maturing NAC market gets its first Gartner Magic Quadrant Poor data-loss prevention practices almost cost Intel a billion Network access control poised for a comeback by aiming small Dynamic network access control secures electronics manufacturer Shifting defenses and dynamic perimeters challenge network security Compliance in a virtualized world: Server virtualization and NAC security Securing the new network architecture: Security for distributed, dynamic networks What is data loss prevention? -- An introduction to DLP How to set passwords on folders in Windows 2003 servers Network Security Best Practices and Products Ethical hacking and countermeasures: Network penetration testing intro Are you on a domain name system (DNS) blacklist database? Rogue access points: Preventing, detecting and handling best practices Network security threats solved by risk management: John Pironti explains How to evaluate and manage UTM for network security Profiling -- and protecting against -- network problem users: The Internet Novice How does a firewall work? Physical network security key to fighting low-tech threats Why are TCP/IP networks considered unsecured? Troubleshooting networks: Can vendor software self-install firewalls?

RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary network access control  (SearchNetworking.com)

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary