In a time when one slip-up or one noncompliant endpoint can destroy a business, protecting the endpoint and protecting the network from that endpoint have become two imperative facets of network security. Not surprisingly, our readers took great interest in the endpoint security segment of our Product Leadership survey.

Network Admission Control (NAC) from Cisco took the gold award for endpoint security, earning high ratings from users. Of the 116 category respondents, 51 said they use Cisco NAC. Of those users, more than 70% said they trust Cisco's policy-based NAC and the range of policy checks that can be performed.

Cisco NAC also earned top marks for its enforcement options, integration with existing infrastructure, and logging and reporting. Scalability; ease of installing, configuring and administering; and vendor service and support also earned solid marks, while just over 60% of Cisco NAC users said they were getting their money's worth.

Cisco's NAC appliance, once known as Cisco Clean Access, is a building block toward the company's vision of a full NAC framework. It uses the network infrastructure to enforce security policy compliance on all devices seeking access to network computing resources.

With NAC, according to Cisco, network administrators can authenticate, authorize, evaluate and remediate wired, wireless and remote users and their machines prior to network access. Cisco NAC also identifies whether networked devices such as laptops, IP phones and other tools are compliant with network security policies, and it repairs any vulnerabilities before granting those devices access to the network.

Cisco NAC users can minimize network outages, enforce security policies, and save money with automated device repairs and updates, according to Cisco.

The NAC application extends to all network access methods, such as LANs, remote access gateways and wireless access points. IT also supports posture assessment for guest users.

Overall, when deployed, Cisco NAC recognizes users, their devices and their network roles, then evaluates whether their machines are compliant with security policies, such as having the appropriate software and OS updates. Lastly, NAC enforces policies by blocking, isolating or repairing noncompliant machines, which are put into a quarantine area where they can be remedied.

Users showered Cisco NAC with praise, one noting that it is an "essential part of our layered security." Others called it a "strong" and "excellent" solution.

Andrew R. Hickey, Senior News Writer