I just wrapped up the NAC Market Overview and it’s now live. This is the first Forrester NAC market overview and builds on the work I did for the original NAC Wave last year. I must say that the market overview is far less strenuous and we know it delivers almost as much value. It’s fair to say that I enjoyed this research piece, but I still need to gear up for refreshing the Wave next year. Until then, we can share a lot of good stuff about this market overview and I welcome your thoughts on it.

Writing this market overview was a great learning experience. And it’s even better when you can have meaningful conversations around the research. For example, I saw that someone started a discussion about the NAC solutions on LinkedIn’s “Network Security – IPS and NAC” forum. And very timely that someone referenced this market overview in the discussion — good to see readers benefit from these reports.

Following the space for the past year and half, I’ve noticed that solutions are maturing rapidly. And credit infamously goes to customers complaining about NAC’s complexity and breadth which makes it difficult to scale to multiple scenarios. Hence, vendors have to mature their offerings to survive in this thorny market. There is good news in all this — vendors strive to bring better solutions that help organizations solve specific problems and scale to bigger ones. I’m a big fan of theoretical physics and one concept states that entropy (disorder) is good for the universe. Disorder is good for the NAC market to a certain point and it will be one of the forcing functions to flatten the market out at some point. Fortunately, we’re reaching the flat curve in this space. And the end result: Customers are able to select solutions that are mature and more stable than their predecessors.

I don’t plan to overload you with much detail about the report here, however here’s a list of key takeaways if nothing else:

  • NAC landscape is stabilizing. I like to paint a rosy picture on this one, even though critics would be skeptical. We’ve seen many vendors exit this space in the past 2 years. And this will continue to some extent as vendors shift their strategy and form more partnerships. It’s a good thing for customers, who can now leverage more with less. The goal is to utilize their existing investments and deploy overlay solutions that work much better than their predecessors. And they provide more deployment options for customers in the form of hardware appliances, software management consoles, integrated IPS and vulnerability scanners, and much more. Bottom line: it’s much easier to take a NAC solution and deploy it in your environment today than even a year ago.
  • Customers cherish better deployment architecture. Ok, so maybe I went a bit overboard here with cherish. But ask a customer about their NAC deployment and the underlying architectural blueprint and you will be looking at blank faces. Reason being, not many vendors actually help with a well constructed design and a phased deployment path. In fact, few vendors even provide a reference architecture. Fortunately enough, vendors have gotten better at this and now they provide customers with a phased roll out (one that goes from monitor, to deferred enforcement, to full enforcement) that spans anywhere from six to 12 months.
  •  NAC Solutions finally have useful features. As I mentioned, NAC solutions are gaining breadth, which means integrating features with products across the board. NAC works with adjacent technologies like IPS, vulnerability scanners, asset discovery, IAM directories, and so on. In turn this provides better ROI. I’ll suggest taking a peek at Figure 3 of the report to get a full list of features.

So, this is it for now. Don’t forget to leave your thoughts about NAC in general or about the market overview. I’d love to hear your deployment experiences as well.

I’ll leave you with a quote from Albert Einstein, which applies fairly well to NAC:

“We can't solve problems by using the same kind of thinking we used when we created them.”

[Posted by Usman Sindhu]