Network Computing is part of the Informa Tech Division of Informa PLC


Serious About NAC

The vast majority of organizations are either deploying network access control or planning to. That was the finding of our survey earlier this year of 325 IT professionals, which is the basis for our NAC Analytics report. The numbers are up sharply this year, with only 15% having no plans for implementation versus 46% a year ago, indicating that NAC has evolved from an interesting concept to a valid and valued enterprise technology. However, what IT pros who are planning deployments think they'll get from NAC is turning out to be different from what implementers are actually getting, and while there seems to be general agreement that NAC is a good thing, there's no agreement on the best architectural approach. Because the differences between planners and implementers were significant throughout our survey, we chose to break down results by those two groups and to compare each to the results we obtained in 2006.

Increasingly, there's consensus on the drivers for NAC: resource access control and regulatory compliance. It's compliance, however, that's coming to the forefront, especially for those who are already implementing the technology. Where in 2006 only 52% of respondents saw NAC as a response to compliance needs, now 63% of implementers see it that way. The numbers are even starker for those concerned with individual regulations like Sarbanes-Oxley. Fifty-two percent of implementers now see specific regulatory requirements as driving NAC adoption, while only 22% of those still planning for NAC are so driven.

Both needs are fundamentally the same. No regulation actually calls for anything as specific as implementing NAC. Instead, the law talks of concepts like managing and protecting hosts that access data. That leaves a lot of room for interpretation. NAC--which assesses a host's condition and, based on that assessment, grants or denies access to the network and its resources--is seen as one way to satisfy regulations and appears to be well on its way to becoming a best practice. Best practices are often emergent in a market rather than dictated--if most companies follow a certain convention, as is becoming the case with NAC, that convention becomes a best practice.

Status Of NAC Plans, 2007: Is your organization deploying NAC?

PAIN POINTS
NAC isn't a complete access control system. It functions to grant access to the network, but not generally as part of the access control mechanism for applications. A host may pass a host assessment, for example, and be granted access to the network, but once on the network, NAC may be unable to prevent malicious user behavior, such as application-level attacks like SQL injection into a Web application, or even more pedestrian problems, such as saving data to removable media like USB drives or other external storage devices. Most of the products discussed in our full NAC report don't include mechanisms for controlling access to removable media.
