- 10 Microsoft research projects
- 10 kitchen gadgets for the geek gourmet
- Verizon trounces competition
- Smartphone smackdown: Storm vs. iPhone
- FBI warns of holiday cyber scams
Senior Editor Tim Greene clarifies issues surrounding the evolving NAC security architecture.
It's hard to prove that NAC can produce an ROI. It's not alone among security technologies that have trouble quantifying their worth because they stop bad things from happening. How do you measure the volume and cost of things that didn't happen?
The answer is you can’t, but there are a host of soft costs that may persuade the corporate bean counters to spring for NAC if it is otherwise warranted.
NAC can reduce downtime because fewer infected machines wreak havoc on the network, and the ability to contain outbreaks reduces the cleanup time for those attacks that manage to get through.
NAC can claim a variety of administrative savings. With NAC in place, guests can log themselves in to limited areas of the network without an administrator having to set up individual accounts. Administrative time is freed up by automating endpoint checks to see that the machines have acceptable security configurations.
With some NAC products, machines found lacking can be remediated automatically, again reducing the amount of assistance that administrators and help desk workers have to deliver.
Some NAC vendors whose products can be deployed as an overlay to existing network gear claim cost-avoidance. If NAC can embrace some existing network equipment as part of the NAC deployment, then the customer is getting added utility out of an existing investment as well as avoiding the cost of adding that NAC element.
From an accounting standpoint, all these merits are pretty squishy. The bottom line: stick to the argument that you need NAC to solve specific problems, not that NAC can be a profit center.
Tim Greene is senior editor at Network World.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comments (2)
NAC in generalBy shorejsi on June 12, 2008, 7:47 pm Part of the slow uptake of NAC can be attributed to the fact that it is often a solution in search of a problem. The 'Health Checks' generally rely on your installed...
Reply | Read entire comment
Hard Savings of NACBy Anonymous on June 12, 2008, 5:38 pmAlthough the ROI is difficult to calculate for NAC in the general case, some hard savings can be assessed in specific cases. For example, a customer of ours reduced...
Reply | Read entire comment
View all comments