Cisco maintains that by offering NAC monitoring for IP-connected machines such as Voice-over-Internet-Protocol (VoIP) phones and networked printers, companies will no longer be forced to formulate complicated exceptions to test the devices.

In adding direct hooks for such equipment into NAC, Cisco claims it has also addressed the perceived security loophole created by the need to create such exemptions, which some have said made it easier for attackers to defeat the authentication systems by spoofing such devices.

"It's not just PCs that are connecting to the perimeter of a network where customers need to make these types of decisions, which has been sort of a hole for a while as it was cumbersome to do NAC securely for some of these other devices, and users didn't have much information at their fingertips when they could do it," O'Connell said. "In some customer deployments, over half of the devices on the network are IP phones today, so, Profiler is an important step forward in improving NAC's abilities to that end."

Ladi Adefala, security practice manager for World Wide Technology, a St. Louis-based systems integrator that both uses and re-sells Cisco's NAC products, said the new products should help expand the technology's uptake in both larger and smaller customers.

Many companies have been looking for ways to test NAC in smaller settings and then extend the tools to a wider set of users, making the Network Module product launch particularly important, he said. The Profiler will eliminate the need for IT shops and service providers like World Wide Technology to port NAC to phones and other devices, a time-consuming process, according to Adefala.

Cisco has been actively marketing two approaches to NAC -- using its appliances to provide local protection on networks and also utilizing its top-down network-wide "framework" strategy. This has caused some customers to spend a long time deciding which route to go down, the expert say. However, Adefala contends that more companies are jumping further into NAC as Cisco's products become more mature.

"There was some initial confusion with which way to go, but Cisco has been able to get most customers to begin considering it more closely, particularly by marketing the appliance as a one-stop shop for NAC," he said. "I think that will continue to be the case over the next year because of the type of announcements we're seeing here, and more integration with third-party products."

One industry analyst echoed those comments, saying Cisco's is making "incremental improvements" with each NAC product release and likely growing its overall customer base for the tools.

Cisco's move to launch the NAC Profiler directly addresses a "perceived shortcoming" of the systems in allowing more devices to be tested, while the Network Module will encourage broader deployment among large multinationals and among smaller firms, said Phil Hochmuth, analyst with Boston-based Yankee Group.

"They're trying to fit in more places with both the switches and the framework. Obviously a lot more customers are using the [appliances] today because they are easier to deploy, but I think the framework will eventually appeal to some people," Hochmuth said. "They also have all these switches in place, and if they can harness that to sell NAC, that could be pretty powerful.

"NAC remains complicated and Cisco has been guilty of playing both sides a bit with the two different approaches, but they know that if they can get customers to adopt it today with the appliances, the eventually might go for the network-wide approach," the analyst said.