Some NAC users tout successes

Security industry analysts and other market watchers are still working to understand the long-term viability of NAC (network access control) as a standalone technology, but some end-users contend that they are already seeing major benefits using best-of-breed tools.

Experts may debate whether or not NAC will remain a standalone product set or be integrated into other networking and security systems, or whether it will be used to control access to internal IT systems such as enterprise applications, but some users say that they are already satisfied with the ability of exiting products to help keep their computing infrastructure protected.

From companies building components for NASA's Space Shuttle program to regional college campuses, these IT administrators maintain that they have already found NAC to be a valuable method for keeping unauthorized users and infected devices from ever logging on to their networks.

At Astrium North America, the Houston-based arm of European aeronautic defense and space giant EADS, NAC is being used to help safeguard product designs and sensitive data that the company maintains as part of its work on the Space Shuttle program, among other projects.

While getting the tools into place was no simple trick, said George Owoc, director of business administration at Astrium NA, NAC has made it far easier for the company to work with all the business partners needed to collaborate on products that will someday travel into space.

"We have a lot of partners, including a fair number of people in Europe and foreign nationals without State Department clearance, so we have to be sure that we can protect our information, things like our engineering techniques, or we could lose the ability to participate in the Shuttle program," Owoc said. "Being able to manage access so that people who aren't authorized to get in cannot do so, or to ensure those who can don't bring in spyware is extremely important to our business, and NAC has allowed us to address that."

As in many other industries, a number of the companies that Astrium NA partners with on its projects are also competitors in other business environments. Combined with complex government requirements about protecting sensitive NASA engineering data, Owoc said that it was a challenge to both grant access to partners and ensure that his company's informational assets were protected prior to installing NAC.

Among the most significant challenges that Astrium NA faced in getting its NAC system, built by Lockdown Networks, into place was the structuring of the technology's rules for managing access to different areas of its network, Owoc said.

However, over the last four years that Astrium NA has used the product, Lockdown has improved the usability of its technology significantly, and the company is now able to tailor its enforcement capabilities to meet its unique processes, he said.

One of the main reasons the company chose to go with Lockdown over NAC products from larger vendors, specifically Cisco -- from which it buys the majority of its networking gear -- was that Owoc felt the smaller vendor would be more willing to listen to feedback about its products and make improvements over time.

From that standpoint, the admin said that his company will stick with the best-of-breed approach and its current vendor as he feels that the standalone product works better than integrated tools offered by platform providers like Cisco.