Reader Survey by eMedia IT Security Bulletin Cites Key Customer NAC Adoption Drivers and Importance of Identity-Based Access Controls
Mountain View, Calif. – October 22, 2007 – Nevis Networks, a market leader in identity-based policy enforcement solutions that control network access and secure sensitive resources, announced today key findings from a comprehensive Network Access Control (NAC) survey recently completed in conjunction with eMedia IT Security Bulletin. The survey, conducted in August 2007, polled 450 respondents—nearly 50 percent of whom hold director-level and above titles, across multiple industries including banking and finance, education, federal government, healthcare and manufacturing.
Key highlights from the survey include:
- When asked which NAC architecture provides the greatest visibility and control, 81 percent of respondents declared in-line over out-of-band solutions;
- 34 percent of respondents rated identity-based access control as “most important” to a NAC solution;
- The top three issues driving interest in or adoption of NAC solutions include controlled access for remote users; controlled access for unmanaged users; and controlled access for managed users;
- When asked what primary method is currently used to control user access to data and resources inside the network, 31 percent replied “AAA/Active Directory/LDAP”; 21 percent said “VPNs”; and 16 percent said “data center firewalls;”
- When asked if their organization is capable of identifying exactly who is on the network and what they are accessing, 58 percent of respondents replied “No.”
“What is abundantly clear from this survey is that comprehensive LAN security is critical to protect an organization’s users, endpoints and network infrastructure, but NAC as defined today (authentication, endpoint compliance, VLAN steering) isn’t enough,” said Dominic Wilde, vice president of marketing with Nevis Networks. “Complete LAN security must also include real time and dynamic functions such as identity-based access control, threat containment and post-connect user activity monitoring.”
Of the 450 respondents participating in the NAC Survey, 14 percent are CxOs; 11 percent are vice presidents; 22 percent are director level; and 43 percent hold a manager-level position. The complete NAC survey results are available at this link.
Drivers for NAC Solutions and Beyond
Enterprises continue to sustain network assaults from increasingly complex security challenges in spite of years of investment in LAN-WAN perimeter security. These threats emanate from the blatantly malicious hacker or Internet worm, as well as from legitimate network users—mobile employees, business partners, contractors and consultants on the LAN. And while employees clearly need access to critical resources on the network to do their job, they can cause harm to the corporate LAN through malice or ignorance.
In addition, recent government regulations require enterprises to protect sensitive data and provide an audit trail of those protections, adding an additional burden on network administrators. Traditional security protection at the LAN-WAN perimeter is no longer an adequate defense against escalating insider attacks.
The Nevis Solution
The Nevis Networks LANenforcer™ family of secure switches and security appliances uniquely integrate comprehensive identity-based user access control, deep threat defense and user visibility to ensure persistent pre-and-post connect LAN security. The LANenforcers extend NAC functionality beyond endpoint posture checks to a multi- layered security architecture that provides continuous deep packet inspection protection without compromising wire speed performance.
Nevis LANenforcer switches and appliances are purpose-built to persistently secure the corporate LAN from the inside. The solution is easily integrated into existing network infrastructure without the need for network or virtual LAN (VLAN) configuration changes. Nevis LANenforcers provide the following benefits:
- Reduced Cost and Complexity of Risk Management
- Tighter Control and Visibility of Regulatory Compliance
- Control Access to Sensitive and Confidential Data
- Provision Appropriate Network Access for Non-employees
- Mitigate the Risk of Endpoint Vulnerabilities
- Provides a Common Standard for Wired, Wireless, Remote and Branch Office Users
About Nevis Networks
Nevis Networks is a market leader in secure switching and identity-based policy enforcement appliances. The company’s LANenforcer product family transparently enforces identity-based policies in real time within the network fabric, tightly controlling who can access a company’s network and what resources they are permitted to use. Cross-industry customers, ranging from financial services, healthcare, education and defense contractors deploy Nevis LANenforcers to protect sensitive network resources and assets, and significantly reduce the overall costs and time to resolve security breaches and conduct network audits. The company is headquartered in Mountain View, CA, with additional R&D centers in Pune, India and Beijing, China