It takes more than NAC to block malware

Security: Network Access Control This newsletter is sponsored by ProCurve Networking by HP Network Immunity Solution IT professionals can learn how to better protect their network from internal threats including viruses, worms and user sabotage with this whitepaper. Read about a cost-effective software platform that also promises to deliver maximum network availability and regulatory compliance assistance. Click here to download now. Network World's Security: Network Access Control Newsletter, 10/16/07 It takes more than NAC to block malware By Tim Greene Of businesses that already use NAC in combination with antivirus software, more than a third suffer malware attacks anyway, according to a survey funded by Symantec. Based on results of questioning 300 people who attended InfoSecurity 2007, 82% said they use NAC in combination with antivirus software, and 36% said their networks became infected with malware anyway. This result indicates what is commonly accepted about NAC, that it isn’t the only security networks need to block malware. It is a risk-mitigation measure because it can identify machines less likely to be infected and allow only those onto the network. But as the result shows, that doesn’t mean they aren’t infected. Webcast: Get the latest on NAC Learn the latest on Network Access Control in Network World's Perspectives Editorial Webcast. Discover how IT professionals can leverage this hot security technology in their networks, while also learning about key management areas that have not yet been perfected. To learn more click here. Those who had implemented NAC were asked the main reasons for doing so, and were allowed to respond to more than one choice. The top three chosen were preventing unauthorized users from getting on the network (80%); preventing data loss (66%); and enforcing security and access policies (61%). More than half (55%) of the respondents already have NAC of some sort installed in their networks, and 31% say they are not interested in NAC. These NAC users were also asked what other technologies they required to interoperate with NAC, and 98% chose other security software. Three other technologies mentioned were virtual desktops (53%); printers and peripherals (51%); and mobile gear (47%). The top three reasons businesses hadn’t deployed NAC were that it cost too much (35%); it was incompatible with the network or operating systems (27%); and it was too disruptive to the network and to the organization as a whole (20%). Asked where they thought NAC was best enforced, 63% said on the network; and 37% said on the endpoint. Each choice included a qualifying statement. Part of the network question said, “It’s better to rely on the network’s own security features to prevent attacks and damage.” The endpoint choice included, “It’s better to evaluate and remediate devices before they connect to the network.” When asked “what frustrations, if any, have you had in implementing or managing” NAC, an astounding 86% said “none.” Based on reports about product testing done by professionals and on anecdotes from NAC customers, it’s hard to believe so many found no frustrations.   What do you think? Post a comment on this newsletter

MOST-READ STORIES: 1. Top 10 strategic technologies for 2008 2. Security companies to watch 3. Salary survey: IT pay falls short 4. Funniest Microsoft videos on YouTube 5. 'Networkiest' horror films 6. Google GPhones or GPhonies? 7. Quantum cryptography to secure ballots 8. Is Apple more controlling than Microsoft? 9. Oracle's 10 acquisitions in 2007 10. Would BEA disappear under Oracle? MOST E-MAILED STORY: Top 10 strategic technologies for 2008

Contact the author: Tim Greene is a senior editor at Network World, covering network access control, virtual private networking gear, remote access, WAN acceleration and aspects of VoIP technology. You can reach him at tgreene@nww.com. This newsletter is sponsored by ProCurve Networking by HP Network Immunity Solution IT professionals can learn how to better protect their network from internal threats including viruses, worms and user sabotage with this whitepaper. Read about a cost-effective software platform that also promises to deliver maximum network availability and regulatory compliance assistance. Click here to download now. ARCHIVE Archive of the Security: Network Access Control Newsletter. BONUS FEATURE IT PRODUCT RESEARCH AT YOUR FINGERTIPS Get detailed information on thousands of products, conduct side-by-side comparisons and read product test and review results with Network World’s IT Buyer’s Guides. Find the best solution faster than ever with over 100 distinct categories across the security, storage, management, wireless, infrastructure and convergence markets. Click here for details. PRINT SUBSCRIPTIONS AVAILABLE You've got the technology snapshot of your choice delivered to your inbox each day. Extend your knowledge with a print subscription to the Network World newsweekly, Apply here today. International subscribers, click here. SUBSCRIPTION SERVICES To subscribe or unsubscribe to any Network World newsletter, change your e-mail address or contact us, click here. This message was sent to: networking.world@gmail.com. Please use this address when modifying your subscription. Advertising information: Write to Associate Publisher Online Susan Cardoza Network World, Inc., 118 Turnpike Road, Southborough, MA 01772 Copyright Network World, Inc., 2007