Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
Editor's Blog and Industry Comments

IoT could be the next step for Next-Generation NAC

13 February, 2015
ForeScout Technologies discusses its success in Network Access Control deployments and what the future holds for securing the complex networks of the future

With ForeScout Technologies having recently been hailed as one of the top three providers of Network Access Control (NAC) solutions by research company Frost and Sullivan, ProSecurityZone spoke to the ForeScout Chief Marketing Officer, Scott Gordon, about the expected continued growth in the market and where he sees the future of NAC.

With a 29% CAGR expected in the market to 2018 (according to Frost), innovation is going to be key to remaining in the top positions and being able to demonstrate differentiation from other suppliers in this fiercely competitive segment.

ForeScout comes out top in the Frost and Sullivan report in terms of the total number of network endpoints protected and this is of little surprise since the company mainly goes after large enterprises and has built up an enviable reputation, particularly in those segments which have critical reliance on their network infrastructure, including energy companies and healthcare. The company has around 1800 such organisations in its global client portfolio and this translates into hundreds of thousands of endpoints.

Such large networks demand ease of management and control, without which it would be difficult and time-consuming to spot vulnerabilities and enforce policies. One of ForeScout's differentiators is the ease with which its next-generation NAC solution can be deployed and integrated with other essential security products which reside on the network. In this respect, ForeScout has an established product which it can continue to deploy in its chosen markets but what about the future?

Increasingly, large companies are becoming reliant on endpoints that aren't on the desktop or hand-held as a BYOD endpoint. Future growth in connected machines characterises the Internet of Things (IoT) and this brings added texture and complication to the established corporate network environment.

We asked Scott about his view on IoT protection. He told us that although Industrial Control Systems and enterprise networks are still largely being managed as separate entities, there's a clear trend for industrial, medical and other equipment being brought onto the corporate network. Since they all have an IP address and all have an effect on infrastructure stability, network managers will need to have access to tools which they currently might not have at their fingertips.

With IoT integration, the network manager has to cope with an expanded array of endpoints which may have different operational and regulatory impact. A good example of this is the highly regulated healthcare industry with different elements of their networks with both desktop and machine endpoints that have mission critical or life critical implications. Clearly, these need different levels of precision when it comes to setting and enforcing network policies. This raises the issue of accurate endpoint classification.

The challenge facing those who are developing the further progression of Next-Generation NAC is how to provide security operators with an overview of such complex networks and easy access to consoles and tools for setting and monitoring policies that gain a new level of importance on such critical, always-on networks with so many operational silos.

Clearly, just because NAC has reached the next generation doesn't mean that it stops at that point and ForeScout has uniquely positioned itself to take advantage of the growing dependence on setting and monitoring network and endpoint policies in increasingly complex and increasingly critical network environments.

Jonathan Newell is a broadcast and technical journalist specialising in security systems and transport safety. He contributes to a range of titles in the technical press. He shares his time between the UK and Kazakhstan


Bookmark and Share