Why Traditional Network Access Control is Dead and What We Can Expect Next

Two years ago Solutions Review covered Gartner’s Market Guide for Network Access Control. With an increase in devices on enterprise networks and ever-present security regulations for industries such as healthcare and finance, it looked like the Network Access Control (NAC) space was heading into a healthy place. However,  it was last year that signs began to indicate otherwise. Between the rise in cloud technologies, Software as a Service, and the continued rise of BYOD policies, here’s why traditional NAC technology is on the way out.

Bring Your Own Device

BYOD first began to gain momentum in the workplace at the tail end of the last decade. With the introduction of the iPhone and other smart devices, employees were opting to use their own personal devices rather than corporate provisioned devices. This trend, while helpful for employees, has made for a sticky situation for NAC technology. With more devices operating on the corporate network. the expectation to connect is higher than ever. This means that everyone from employees to contractors to interviewees will be looking to connect to your network and possibly your cloud resources.

Even in companies without established BYOD policies, its common for employees to use their own devices at work. When companies prohibit BYOD practices at their offices, it can encourage employees to find their own ways to use their devices at work, accessing wi-fi and work related documents. This sort of unsanctioned BYOD opens up a number of security problems for IT teams.

The Rise of the Cloud

Localized internal servers network have been significantly disrupted by cloud technology in the last eight years. Servers are now being hosted in the cloud, which means that the network extends well beyond the confines of the office environment and into servers around the globe. With corporate networks not being rooted in one location anymore, there is no one central network perimenter to defend with NAC.

Software as a Service Applications

The first Network Access Control technologies were developed in a time period when applications were accessed by through wired personal computers connected to in-house data centers. In today’s corporate landscape, these same applications can be accessed anywhere and at anytime. By being hosted in the cloud with in-browser portals, users only need their log-in credentials to access these applications. Network Access Controls require VPN and NAT loopback in order to allow remote access.

What’s Next?

Jn Oltsik, Enterprise Strategy Group’s senior principal analyst, said the time for NAC has come and gone, and the most promising replacement for it is software-defined perimeter technology. SDP is being used in a new generation of access-control solutions that are no longer limited to various types of hardware devices or access-control lists. SDP does have some of the same elements as NAC, as it combines device authentication, identity-based access and dynamically provisioned connectivity.  However, the approach to using these elements is notably different from Network Access Control.